Search for users in an AD via an LDS instance
I am attempting to configure a system that will allow me to search an active directory via an LDS instance.
So far I have:
- One Windows 10 machine with the LDP client installed
- One virtual Windows Server 2016 machine with an AD and domain controller
- One virtual Windows Server 2016 machine with an LDS instance
The server hosting the LDS instance has been added to the same domain as the domain controller, allowing me to bind to users within the AD via LDAP.
However, I am unable to search for users despite being bound to a user in the Active Directory I am attempting to search. The issue appears to relate to LDAP referrals, such that if I add the IP address and domain of the AD to the hosts file on the client machine, the LDP client will successfully find the users in the AD. If I remove the entry from the hosts file, the LDP client no longer seems to be able to resolve the domain name.
active-directory ldap lds
asked Nov 15 '18 at 14:22
Biggy
By "LDP client", do you mean the application LDP.exe?
– Gabriel Luci
Nov 15 '18 at 14:42
I do, yes, the LDP.exe running on the Windows 10 machine
– Biggy
Nov 15 '18 at 14:50
Is the Windows 10 machine that you are running this from joined to the domain?
– Gabriel Luci
Nov 15 '18 at 14:55
No, the Windows 10 machine needs to remain separate from the domain.
– Biggy
Nov 15 '18 at 14:57
1 Answer
This sounds like a DNS issue. Since the Windows 10 machine is not joined to the domain, it has no idea what your domain name means.
I assume that your Windows 10 machine is using a public DNS server (from your ISP?), which has no idea your domain exists. So when you look up the domain, you will get no result. You can test this in the command line with (use your domain name instead of "domain.com"):
nslookup domain.com
So it makes sense that it works when you add the domain to the hosts file. That is your easiest solution.
If you want a different solution, then you need to set the DNS server of your Windows 10 machine to a DNS server that is aware of your domain. You could even use your domain controller as the DNS server (I believe every domain controller can act as a DNS server).
edited Nov 15 '18 at 15:07
answered Nov 15 '18 at 15:01
Gabriel Luci
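The DNS check and fix described in this answer, as an added PowerShell example that is not part of the original post: it compares how the referral's domain name resolves through the client's current DNS servers and through the domain controller. `domain.com` is the answer's placeholder; the address `192.0.2.10`, the interface alias `Ethernet` and the helper name `Test-ReferralName` are assumptions, as is the domain controller running the DNS Server role.

```powershell
# Added example. Assumed values: replace with your own.
$Domain = 'domain.com'   # AD DNS name the LDAP referral points at (answer's placeholder)
$DcIp   = '192.0.2.10'   # constructed placeholder for the domain controller's IP
$Nic    = 'Ethernet'     # assumed interface alias on the Windows 10 client

function Test-ReferralName {
    # Resolve $Name through DNS only, optionally against one specific server.
    param([Parameter(Mandatory)][string]$Name, [string]$Server)
    # -DnsOnly / -NoHostsFile: ignore LLMNR, NetBIOS and any hosts-file entry,
    # so a leftover hosts workaround cannot mask a DNS failure.
    $query = @{ Name = $Name; Type = 'A'; DnsOnly = $true; NoHostsFile = $true; ErrorAction = 'Stop' }
    $via = 'client default'
    if ($Server) { $query.Server = $Server; $via = $Server }
    try {
        $ips = @(Resolve-DnsName @query | Where-Object Type -eq 'A' | ForEach-Object IPAddress)
        [pscustomobject]@{ Name = $Name; Via = $via; Resolved = ($ips.Count -gt 0); Detail = $ips -join ', ' }
    } catch {
        [pscustomobject]@{ Name = $Name; Via = $via; Resolved = $false; Detail = $_.Exception.Message }
    }
}

# 1. DNS servers the client uses today (a public resolver will not know the AD zone).
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses | Select-Object InterfaceAlias, ServerAddresses

# 2. Same name, two resolvers: failing on the first row and resolving on the
#    second confirms that the referral breaks on name resolution.
Test-ReferralName -Name $Domain
Test-ReferralName -Name $Domain -Server $DcIp

# 3. The SRV record that domain members use to locate a DC over LDAP.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $DcIp -DnsOnly -ErrorAction SilentlyContinue |
    Where-Object Type -eq 'SRV' | Select-Object NameTarget, Port

# 4. The referral target must also be reachable on the LDAP port.
(Test-NetConnection -ComputerName $DcIp -Port 389).TcpTestSucceeded

# 5. Fix from the answer: use the DC as the client's DNS server (run elevated).
# Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $DcIp
```

Changing the client's DNS server does not join the machine to the domain; it only lets the host name in the referral resolve.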