I'm the one who started this thread...thanks for all the replies.
Here's what we came up with that works:
1. Create an IP Filter List for ports 389 and 636 from any address to 'My IP address'
2. Create a Filter Action to block traffic
3. Create an IP Security Policy that includes the Filter Action and Filter List above
4. Using the IP Security snap-in on the DC in question, right-click and Assign the policy when you want the LDAP server to 'disappear'
5. Right-click and Unassign the policy when you want to restore normal operation.
Thanks again for all the replies.
Dave
> >
> > I'm working with an applications group to test their new LDAP-enabled app.
> > As part of their 'break-it' testing in the lab, they wish to simulate the
> > failure of the LDAP server (a Win2K DC). Sure, I could just shut it down or
> > disconnect the network cable, but I was wondering if I can get the same
> > result just by stopping a service. Pausing netlogon does not seem to do it,
> > and there's no separate LDAP server service to stop.
> >
> > Any ideas?
> >
> > Dave Fugleberg
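
The five snap-in steps from the reply above, scripted with `netsh ipsec static`. This is an added example, not part of the original post: it assumes Windows Server 2003 or later (the Win2K DC in the thread does not ship this netsh context, so the snap-in steps apply there), and the policy, filter list and filter action names, the choice of TCP, and the mirrored setting are assumptions.

```powershell
# Added example; all names below are hypothetical. Run elevated on the lab DC.
param(
    [ValidateSet('Create', 'Assign', 'Unassign', 'Remove')]
    [string]$Action = 'Create'
)

$Policy       = 'LDAP-Outage-Test'
$FilterList   = 'LDAP-Inbound'
$FilterAction = 'LDAP-Block'
$Ports        = 389, 636   # the two ports named in step 1

function Invoke-IpsecStatic {
    # Run one "netsh ipsec static" command and stop if it reports failure.
    param([string[]]$Arguments)
    & netsh ipsec static @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "netsh ipsec static $($Arguments -join ' ') failed ($LASTEXITCODE)"
    }
}

switch ($Action) {
    'Create' {
        # Policy container first, left unassigned so nothing is blocked yet.
        Invoke-IpsecStatic 'add', 'policy', "name=$Policy", 'assign=no'
        # Step 1: filter list, any address -> this host, one filter per port.
        # TCP and mirrored=yes are assumptions; the post names only the ports.
        Invoke-IpsecStatic 'add', 'filterlist', "name=$FilterList"
        foreach ($Port in $Ports) {
            Invoke-IpsecStatic 'add', 'filter', "filterlist=$FilterList",
                'srcaddr=any', 'dstaddr=me', 'protocol=tcp',
                "dstport=$Port", 'mirrored=yes'
        }
        # Step 2: filter action that blocks matching traffic.
        Invoke-IpsecStatic 'add', 'filteraction', "name=$FilterAction", 'action=block'
        # Step 3: rule tying the filter list and action into the policy.
        Invoke-IpsecStatic 'add', 'rule', 'name=BlockLdap', "policy=$Policy",
            "filterlist=$FilterList", "filteraction=$FilterAction"
    }
    # Step 4: the LDAP server 'disappears' for clients.
    'Assign'   { Invoke-IpsecStatic 'set', 'policy', "name=$Policy", 'assign=y' }
    # Step 5: restore normal operation.
    'Unassign' { Invoke-IpsecStatic 'set', 'policy', "name=$Policy", 'assign=n' }
    'Remove' {
        # Clean up after testing: unassign, then delete all three objects.
        Invoke-IpsecStatic 'set', 'policy', "name=$Policy", 'assign=n'
        Invoke-IpsecStatic 'delete', 'policy', "name=$Policy"
        Invoke-IpsecStatic 'delete', 'filterlist', "name=$FilterList"
        Invoke-IpsecStatic 'delete', 'filteraction', "name=$FilterAction"
    }
}
```

Only one local IPsec policy can be assigned at a time, so assigning this one replaces any other assigned local policy, and a domain-assigned IPsec policy takes precedence over it.
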
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/