Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Anonymous LDAP queries on one DC?
Anonymous LDAP queries on one DC? [message #156349] Mon, 15 June 2009 16:57 Go to next message
trnsfrmrsr  is currently offline trnsfrmrsr
Messages: 5
Registered: June 2009
Junior Member
We've got active directory setup with a functional level of server 2003 and
we've got 2 AD DS server 2008 servers along with a handful of server 2003
DCs.

We've run into an application which requires anonymous ldap queries for
authentication.

Is there anyway to turn on anonymous ldap queries on one of our DCs or our
read only domain controller without turning the feature on for our entire
domain?
Re: Anonymous LDAP queries on one DC? [message #156363 is a reply to message #156349] Tue, 16 June 2009 01:31 Go to previous messageGo to next message
SubstituteThisWithMyF  is currently offline SubstituteThisWithMyF  Netherlands
Messages: 85
Registered: October 2009
Member
nope

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------ ------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------ ------------------------------
#################################################
#################################################
------------------------------------------------------------ ------------------------------

"trnsfrmrsr" <trnsfrmrsr@discussions.microsoft.com> wrote in message
news:A9C3DED6-527F-4B3A-8A9F-9EADEBCF6371@microsoft.com...
> We've got active directory setup with a functional level of server 2003
> and
> we've got 2 AD DS server 2008 servers along with a handful of server 2003
> DCs.
>
> We've run into an application which requires anonymous ldap queries for
> authentication.
>
> Is there anyway to turn on anonymous ldap queries on one of our DCs or our
> read only domain controller without turning the feature on for our entire
> domain?
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4157 (20090615) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>

__________ Information from ESET Smart Security, version of virus signature database 4157 (20090615) __________

The message was checked by ESET Smart Security.

http://www.eset.com
Re: Anonymous LDAP queries on one DC? [message #156370 is a reply to message #156349] Tue, 16 June 2009 04:08 Go to previous messageGo to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello trnsfrmrsr,

Not possible for one DC only, check this article about the configuration
for the complete, search for"Anonymous queries":
http://technet.microsoft.com/en-us/library/cc755809%28WS.10% 29.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> We've got active directory setup with a functional level of server
> 2003 and we've got 2 AD DS server 2008 servers along with a handful of
> server 2003 DCs.
>
> We've run into an application which requires anonymous ldap queries
> for authentication.
>
> Is there anyway to turn on anonymous ldap queries on one of our DCs or
> our read only domain controller without turning the feature on for our
> entire domain?
>
Re: Anonymous LDAP queries on one DC? [message #156371 is a reply to message #156370] Tue, 16 June 2009 04:45 Go to previous messageGo to next message
michael[1]  is currently offline michael[1]
Messages: 10
Registered: August 2009
Junior Member
Meinolf Weber [MVP-DS] wrote:
>
>> We've got active directory setup with a functional level of server
>> 2003 and we've got 2 AD DS server 2008 servers along with a handful of
>> server 2003 DCs.
>>
>> We've run into an application which requires anonymous ldap queries
>> for authentication.
>>
>> Is there anyway to turn on anonymous ldap queries on one of our DCs or
>> our read only domain controller without turning the feature on for our
>> entire domain?
>
> Not possible for one DC only, check this article about the configuration
> for the complete, search for"Anonymous queries":
> http://technet.microsoft.com/en-us/library/cc755809%28WS.10% 29.aspx

Another option would be to use a LDAP proxy server (e.g. OpenLDAP with
back-ldap) which binds with a service user and allows anon searches to
its (local) clients.

Ciao, Michael.
Re: Anonymous LDAP queries on one DC? [message #156379 is a reply to message #156370] Tue, 16 June 2009 05:58 Go to previous messageGo to next message
pleite  is currently offline pleite  Portugal
Messages: 22
Registered: July 2009
Junior Member
good mornig

my suggestion, fedora directory server with replication from ad.
it works.

Have a nice day
pleite

On Tue, 16 Jun 2009 08:08:56 +0000, Meinolf Weber [MVP-DS] wrote:

> Hello trnsfrmrsr,
>
> Not possible for one DC only, check this article about the configuration
> for the complete, search for"Anonymous queries":
> http://technet.microsoft.com/en-us/library/cc755809%28WS.10% 29.aspx
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!!
> http://www.blakjak.demon.co.uk/mul_crss.htm
>
>
>> We've got active directory setup with a functional level of server 2003
>> and we've got 2 AD DS server 2008 servers along with a handful of
>> server 2003 DCs.
>>
>> We've run into an application which requires anonymous ldap queries for
>> authentication.
>>
>> Is there anyway to turn on anonymous ldap queries on one of our DCs or
>> our read only domain controller without turning the feature on for our
>> entire domain?
>>
Re: Anonymous LDAP queries on one DC? [message #347774 is a reply to message #156349] Fri, 18 December 2009 14:05 Go to previous messageGo to next message
chost  is currently offline chost  United States
Messages: 1
Registered: December 2009
Junior Member
Hi trnsfrmrsr.

Did you ever decide a solution for this issue? I'm wanting to do the
same thing.

thanks.
chost


--
chost
------------------------------------------------------------ ------------
chost's Profile: http://forums.techarena.in/members/165190.htm
View this thread: http://forums.techarena.in/active-directory/1198068.htm

http://forums.techarena.in
Re: Anonymous LDAP queries on one DC? [message #348179 is a reply to message #347774] Sat, 19 December 2009 07:04 Go to previous message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello chost,

As you are replying to forums.techarena and older postings then 90 days are
removed, please post your complete problem description as nobody can follow
it in the Microsoft newsgroups where it also pops up.

Which OS version are you talking about? Anonymus LDAP queries in Windows
server 2003 DCs and higher OS must be enabled:
http://www.petri.co.il/anonymous_ldap_operations_in_windows_ 2003_ad.htm

In Windows server 2000 DCs it is enabled by default.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi trnsfrmrsr.
>
> Did you ever decide a solution for this issue? I'm wanting to do the
> same thing.
>
> thanks.
> chost
> http://forums.techarena.in
>
Previous Topic:setspn list problem
Next Topic:Rodc
Goto Forum:
  


Current Time: Fri Oct 20 03:02:28 EDT 2017

Total time taken to generate the page: 0.04233 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software