Search for users in an AD via an LDS instance










I am attempting to configure a system that will allow me to search an Active Directory via an LDS instance.

So far I have:

  • One Windows 10 machine with the LDP client installed
  • One virtual Windows Server 2016 machine with an AD and domain controller
  • One virtual Windows Server 2016 machine with an LDS instance

The server hosting the LDS instance has been added to the same domain as the domain controller, allowing me to bind to users within the AD via LDAP.

However, I am unable to search for users despite being bound to a user in the Active Directory I am attempting to search. The issue appears to relate to LDAP referrals, such that if I add the IP address and domain of the AD to the hosts file on the client machine, the LDP client will successfully find the users in the AD. If I remove the entry from the hosts file, the LDP client no longer seems to be able to resolve the domain name.










active-directory ldap lds
















asked Nov 15 '18 at 14:22









Biggy












  • By "LDP client", do you mean the application LDP.exe?
    – Gabriel Luci
    Nov 15 '18 at 14:42

  • I do, yes, the LDP.exe running on the Windows 10 machine.
    – Biggy
    Nov 15 '18 at 14:50

  • Is the Windows 10 machine that you are running this from joined to the domain?
    – Gabriel Luci
    Nov 15 '18 at 14:55

  • No, the Windows 10 machine needs to remain separate from the domain.
    – Biggy
    Nov 15 '18 at 14:57





























1 Answer














This sounds like a DNS issue. Since the Windows 10 machine is not joined to the domain, it has no idea what your domain name means.

I assume that your Windows 10 machine is using a public DNS server (from your ISP?), which has no idea your domain exists. So when you look up the domain, you will get no result. You can test this in the command line with (use your domain name instead of "domain.com"):

    nslookup domain.com

So it makes sense that it works when you add the domain to the hosts file. That is your easiest solution.

If you want a different solution, then you need to set the DNS server of your Windows 10 machine to a DNS server that is aware of your domain. You could even use your domain controller as the DNS server (I believe every domain controller can act as a DNS server).














edited Nov 15 '18 at 15:07

answered Nov 15 '18 at 15:01

Gabriel Luci
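The DNS check described in the answer above, extended into a PowerShell comparison of what the client's own resolver returns against what the domain controller's DNS returns. This is an added example, not part of the original answer. `$Domain` and `$DcAddress` are placeholders, `Test-Lookup` is a hypothetical helper name, and the lookups skip the hosts file so that a hosts entry does not hide a DNS gap.

```powershell
# Added example. $Domain and $DcAddress are placeholders: substitute your AD DNS
# domain name and the IP address of a domain controller that runs DNS.
param(
    [string]$Domain    = 'domain.com',
    [string]$DcAddress = '192.0.2.10'
)

# Test-Lookup is a hypothetical helper: one DNS query, one result row.
function Test-Lookup {
    param([string]$Name, [string]$Type = 'A', [string]$Server)
    $via   = if ($Server) { $Server } else { 'client default' }
    # DnsOnly / NoHostsFile: ask DNS itself, ignoring hosts entries and NetBIOS/LLMNR.
    $query = @{ Name = $Name; Type = $Type; DnsOnly = $true; NoHostsFile = $true; ErrorAction = 'Stop' }
    if ($Server) { $query.Server = $Server }
    try {
        $records = @(Resolve-DnsName @query | Where-Object { $_.Type -eq $Type })
        $answer  = $records | ForEach-Object {
            if ($Type -eq 'SRV') { "$($_.NameTarget):$($_.Port)" } else { $_.IPAddress }
        }
        [pscustomobject]@{
            Name = $Name; Type = $Type; Via = $via
            Resolved = ($records.Count -gt 0); Answer = ($answer -join ', ')
        }
    } catch {
        [pscustomobject]@{
            Name = $Name; Type = $Type; Via = $via
            Resolved = $false; Answer = $_.Exception.Message
        }
    }
}

# SRV record that clients use to locate domain controllers for the domain.
$srv = "_ldap._tcp.dc._msdcs.$Domain"

$results = @(
    Test-Lookup -Name $Domain                            # client's configured DNS
    Test-Lookup -Name $srv -Type SRV
    Test-Lookup -Name $Domain -Server $DcAddress         # domain controller's DNS
    Test-Lookup -Name $srv -Type SRV -Server $DcAddress
)
$results | Format-Table -AutoSize

# Name resolution is only half of following a referral: LDAP (TCP 389) must be reachable too.
Test-NetConnection -ComputerName $DcAddress -Port 389 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
```

If only the rows queried via the domain controller resolve, the client's DNS configuration is the gap. `Set-DnsClientServerAddress` can then point the client's interface at a DNS server that knows the domain.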




























