  • Status: Solved
  • Priority: Medium
  • Security: Public

Active Directory LDAP Query

Hi

I am in the process of configuring LDAP, as we have a third-party application that needs to query AD users. I have created an AD account for this function; the only group membership is Domain Users, and using LDAP Administrator I can now browse AD.

I would like to lock this down so the application can only see certain OUs. Is there a simple way to do this?

Thanks
Asked by: bains1000
1 Solution
 
Joshua Grantom (Senior Engineer) commented:
Remove them from Domain Users, create a new group (e.g. AD Read Only), and add that account to that group.

Now in ADUC, go to the OU that you want them to be able to read, right-click, go to Properties, Security, and only give that group (AD Read Only) rights to read child objects of that OU.

Repeat this for each OU you want it to be able to read.
0
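One way to check the result of the change described above, as an added example that is not part of the original answer: it lists the allow ACEs that grant read access on an OU, flags broad principals that would still let the query account read it, and then enumerates the OUs the account can actually see. The OU distinguished name is a placeholder, and the RSAT ActiveDirectory module is assumed to be installed.

```powershell
# Added example: audit read access on an OU and confirm what the LDAP account sees.
# Assumptions: RSAT ActiveDirectory module installed; the OU DN is a placeholder.
Add-Type -AssemblyName System.DirectoryServices
Import-Module ActiveDirectory

# Rights that allow listing or reading objects under the OU.
$ReadRights = [int][System.DirectoryServices.ActiveDirectoryRights]'GenericRead, ReadProperty, ListChildren, ListObject'

# Broad principals that usually include every domain account; an allow ACE for
# one of these can let the query account read the OU whatever group it is in.
$BroadPrincipals = @(
    'NT AUTHORITY\Authenticated Users',
    'Everyone',
    'BUILTIN\Pre-Windows 2000 Compatible Access'
)

function Get-OuReadAccess {
    param([Parameter(Mandatory)][string]$OuDn)

    # Read the OU's DACL through the AD: drive provided by the ActiveDirectory module.
    (Get-Acl -Path "AD:\$OuDn").Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.ActiveDirectoryRights -band $ReadRights) -ne 0
        } |
        ForEach-Object {
            $name = $_.IdentityReference.Value
            [pscustomobject]@{
                OU        = $OuDn
                Principal = $name
                Rights    = $_.ActiveDirectoryRights
                Inherited = $_.IsInherited
                Broad     = ($BroadPrincipals -contains $name) -or ($name -like '*\Domain Users')
            }
        }
}

# 1. Review the ACL of an OU the application should NOT see (placeholder DN).
Get-OuReadAccess -OuDn 'OU=Restricted,DC=example,DC=com' |
    Where-Object Broad | Format-Table -AutoSize

# 2. Bind as the query account and list the OUs it can actually enumerate.
$cred = Get-Credential -Message 'Credentials of the LDAP query account'
Get-ADOrganizationalUnit -Filter * -Credential $cred |
    Select-Object -ExpandProperty DistinguishedName
```

Any row returned by step 1, or any unexpected OU returned by step 2, means the account still has read access beyond the intended OUs.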
 
bains1000 (Author) commented:
Thanks, worked a treat.
 
Joshua Grantom (Senior Engineer) commented:
Glad to help!