Well, gee Jackson - do you really think that turning off Anonymous LDAP access is a good idea? I mean, your new default model in Windows Server 2003 is certainly causing me a lot of work in having to ADD Security Principals to resources and directories. I'd like to request that you go back to the NT 4.0 model of Everyone Full Control, please. My job is much easier when I don't have to do anything to allow users to gain access to the system. Rick Kingslan MCSE, MCSA, MCT No Security Professional Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone
P.S. This would have been much better if it was, I don't know - April 1st or something. P.P.S. ;op ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jackson Shaw Sent: Tuesday, September 23, 2003 11:25 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] openLDAP for Windows 2003 active directory Anonymous LDAP access is turned off in W2K3 by default – that could be the issue…. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Tuesday, September 23, 2003 5:18 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] openLDAP for Windows 2003 active directory I believe he meant that V2 didn't work, not V3 - which would make sense, if one considers Win2k3 is supposed to be more locked down by default, which I'd take to mean the bare minimum of allowed protocols - v3 only for instance. -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Joe [mailto:[EMAIL PROTECTED] Sent: Monday, September 22, 2003 10:10 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] openLDAP for Windows 2003 active directory Interesting. I can vouche that V3 works fine on AD2K as that is all the C++ code I write. The only thing that comes into my head that could be an issue without seeing search filters and such is authentication issues. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ??? Sent: Monday, September 22, 2003 7:12 PM To: [EMAIL PROTECTED] We were leveraging the SendMail on Linux as the front end of Microsoft Exchange Server and the purpose of the openLDAP script is to query the AD and check if the recepiant's email address exist in the AD before receiving to lower the load of Exchange. The script was working on the Linux with Windows 2000 environment, but I did not work with Windows 2003 environment. After lots of trying, we finally change the version of the LDAP from 2 to 3 and it works perfectly now. :-) Anybody got a document/link which can explain this to me? I was told that version of 3 had some problem with Windows 2000 before and it seems that 3 is the only version work with Windows 2003 now. Thanks a lot. Po-Shan. Carlos Magalhaes <[EMAIL PROTECTED]> wrote: Hi there, Can you pos the code here so we can have a look, and yes there was some changes from w2k to w2k3. Maybe some multi valued values might be catching you. But lets see the code. Also what do you mean how can one get the openLDAP to query Windows 2003 AD what do you want to do exactly? Carlos Magalhaes 每 LDAP , Active Directory Programming http://groups.yahoo.com/group/adsianddirectoryservices -----Originalere, Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, September 20, 2003 11:45 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] openLDAP for Windows 2003 active directory Hi, Can someone pls tell me how can I use openLDAP on Linux to query the Windows 2003 active directory data? I was able to use my old openLDAP script to run against Windows 2000 before, but after I upgrade my Windows 2000 to Windows 2003, the script does not work any more. Can someone pls tell me what could be wrong? The field I am accessing is proxyAddresses which should be common and should not be changed during two versions. Sample code would be very helpful. Thanks a lot. Po-Shan. ________________________________ 藩毞飲 Yahoo!藻 漆腔?伎﹜餫腔洘﹜斕腔僅ㄛ專婓陓?菁 陓?菁 <http://tw.promo.yahoo.com/mail_premium/stationery.html> ------------------------------------------------------------- This email and any files transmitted are confidential and intended solely for the use of the individual or entity to which they are addressed, whose privacy should be respected. Any views or opinions are solely those of the author and do not necessarily represent those of the Trencor Group, or any of its representatives, unless specifically stated. Email transmission cannot be guaranteed to be secure, error free or without virus contamination. The sender therefore accepts no liability for any errors or omissions in the contents of this message, nor for any virus infection that might result from opening this message. Trencor is not responsible in the event of any third party interception of this email. If you have received this email in error please notify [EMAIL PROTECTED] For more information about Trencor, visit www.trencor.net ________________________________ 每天都 Yahoo!奇摩 海的顏色、風的氣息、愛你的溫度,盡在信紙底圖 信紙底圖 <http://tw.promo.yahoo.com/mail_premium/stationery.html> List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
