LDAP authentication – 2003

Topic

New Reply

(Edited by Leif to make link live – see the quick guide and/or Help 19)

This was part of query “LDAP and Outlook 2000 (2000 Office SP3)” [Post: 433399] in the Outlook forum.

I am using LDAP to allow Outlook to query Active Directory for user’s e-mail addresses. I’d like to look into altering the permissions settings so that I can use different version of Outlook. I’ve found this article that describe part of the problem and a fix: http://support.microsoft.com/?kbid=326690%5B/url%5D

However, I can’t find Adsiedit.msc nor ldp.exe. Is there another way of doing this, or do I need to install some tools before I can make the change?

Reply | Quote

Replies

I’ve found this article: Microsoft Knowledge Base Article 320528 which covers what I am trying to do. I also found a reference to doing this in Robbie Allen’s book “Active Directory Cookbook” p436 (O’Reilly). As wells as allowing anonymous access, I also have to set permissions on the directory objects. However, some attributes only seem to be available on user objects. That means I cannot set the attribute at the OU level and let it pass down to the users via inheritance. Which leaves me with three options: Set “Read all” for anonymous logon (which I don’t want to do for security reasons), Set the attributes for each user individually (Hard work), or create a script to do it for me (possible, but time consuming and how do I test without risking messing up the directory). So unless someone can suggest another option, I’m giving up on this plan. I’ll stick with things as they are.

Reply | Quote

Oh! and I got hold of a copy of ADSI Edit via the XP support tools – complete install. Free download from Microsoft:

http://www.microsoft.com/downloads….

Reply | Quote

Oh! and I got hold of a copy of ADSI Edit via the XP support tools – complete install. Free download from Microsoft:

http://www.microsoft.com/downloads….

Reply | Quote

I’ve found this article: Microsoft Knowledge Base Article 320528 which covers what I am trying to do. I also found a reference to doing this in Robbie Allen’s book “Active Directory Cookbook” p436 (O’Reilly). As wells as allowing anonymous access, I also have to set permissions on the directory objects. However, some attributes only seem to be available on user objects. That means I cannot set the attribute at the OU level and let it pass down to the users via inheritance. Which leaves me with three options: Set “Read all” for anonymous logon (which I don’t want to do for security reasons), Set the attributes for each user individually (Hard work), or create a script to do it for me (possible, but time consuming and how do I test without risking messing up the directory). So unless someone can suggest another option, I’m giving up on this plan. I’ll stick with things as they are.

Reply | Quote