LDAP queries to a GC

  • Thread starter Pablo E. Colazurdo
  • Start date
P

Pablo E. Colazurdo

Is there anyway to do direct queries to a GC by using standard ldap
searches? We have a lot of different domains in the same forest and I want
to be able to do searches from a unix box using standard ldap commands to
our domain controllers but I don't want to have to search on each different
domain for looking for someone ... any ideas?

Thanks in advance,
Pablo
 
T

Tim Springston [MSFT]

When constructing your LDAP queries direct them to TCP port 3268, and in
particular to a domain controller which hosts the global catalog.

--

Tim Springston
Microsoft Corporation

This posting is provided "AS IS" with no warranties, and confers no rights.
 
S

S.J.Haribabu

Hi,

Knowledge Base article Q224543, "Using Ldp.exe to Find Data in the Active
Directory" will probably help you out. There is also a tools help file
installed with the Support Tools that contains a document about using LDP.

Ldp.exe is a Windows 2000 Support Tools utility you can use to perform
Lightweight Directory Access Protocol (LDAP) searches against the Active
Directory for specific information given search criteria. This also allows
administrators to query data that would otherwise not be visible through
the Administrative tools included in the product. All data that is returned
in LDP queries, however, is subject to security permissions.

For more information look at http://support.microsoft.com/?id=224543

Thanks,
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.
 
P

Pablo E. Colazurdo

it doesn't work ... if I contact a GC which belongs to a corp.xyz.com and
ask for a object which belongs to branch.xyz.com it can't find it. but if I
use a GC belonging to branch.xyz.com it works ok.

corp and branch are child domains (mixed mode) of xyz.com (native mode)

Thanks again,
P.
 
P

Pablo E. Colazurdo

Ok ... I've found my problem ... I was using the default dn and I've found I
have to use the "dc=xyz,dc=com" to make it work


Thanks a lot,
Pablo
 
P

ptwilliams

If that's the case there's replication problems. The GC should hold a copy,
albeit a partial one, of all objects in the forest. If there's objects that
exist that are not in the GC (and applicable time has been allowed for
replication latency) then there's problems.


--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


it doesn't work ... if I contact a GC which belongs to a corp.xyz.com and
ask for a object which belongs to branch.xyz.com it can't find it. but if I
use a GC belonging to branch.xyz.com it works ok.

corp and branch are child domains (mixed mode) of xyz.com (native mode)

Thanks again,
P.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

LDAP traffic across sites 1
GC-Problems 7
run LDAP query agains AD-domain? 1
LDAP Queries never work 3
GC Question 10
LDAP query to GC for group members returns nothing for remote Groups 4
Secure LDAP Question 1
I need a LDAP query to find a user from other domain in a local group of my domain 2

Top