Guy Recommends
A solution to monitor, manage and archive thousands of
events that are generated by devices across the entire network.
Download FREE
trial
Windows Server 2003 - LDP Support Tool UtilityLDP is the forgotten tool in the Windows Server 2003
toolkit. Here on this page is a step-by-step tutorial for getting started with LDP. In my opinion, it should be called not LDP but LDAP, as that's what it configures. Perhaps LDP is overlooked because it's so hard to get going, I will reveal the secrets of
how you search for Active Directory
information with this Microsoft utility. Tutorial Topics for LDP
Installing LDP is easy. From the CD \support\tools, double click suptools.msi. Alternatively, here is a free download of Microsoft's LDP. There are a number of ways of executing ldp.exe, to begin with, let us call for the Run dialog box and type ldp.
Scenario: We wish to view our domain and check on users whose first name begins with 'a'. The more choices a program gives, the more difficult it is for a beginner to get started. In the case of
LDP, you have to perform three operations in sequence before you can start. 1) Click on the Connection
menu, then Connect, select your server name. Being an LDAP program, leave the port on 389. You don't want Connectionless, therefore leave the default setting. No tick in the Connectionless box. No
need for SSL either. 2) Next we need to Bind, which is rather like logging on. Even though
you would expect that LDP would use the credentials of the logged on user, it does not always work that way. So just Bind with an Administrator's name and password. 3) Click View and
select Tree; what you see is a box waiting for baseDN (Distinguished Name). Now we come to the crucial
step. The text books say type, DC=yourdomain,DC=com. The problem comes if you are unsure of your domain name. For instance, does it have an extension of .com? Guy says just try pressing OK without
entering anything at all in the box. If it truly is your intention to connect to a domain, then do not use the drop-down menu and select, DC=ForestDnsZones,DC=domain,DC=com, that just does not work for me.
4) What I hope you will see in the left hand LDP panel is a structure that reminds you of Active Directory Users and Computers.
5) Now you have done all the hard work. It's time for the first LDAP query. Click on the Browse menu, and select Search. Leave the Base Dn: dialog entry as it is, in the Filter box
type (givenName=a*). If you remember our brief was to find all users whose first name begins with 'A'. If that produces no results, try (cn=a*). CN means common name, and surely there will be
an administrators' account in the domain? 6) The fruits of all your LDP efforts should now appear in the right hand menu. The fact that the latest entries are
at the bottom rather than the top, takes a little getting used to, so be prepared to scroll down.
 Active Directory Training. As an MCT trainer, I can thoroughly recommend
TrainSignal because they provide practical hands on
training. In particular, I like the way that TrainSignal cover all learning methods, instructor lead, video and of course text material. You can either take one module, for example Active Directory or go for
a combination of modules.
See more about Active Directory training
***Searching...
ldap_search_s(ld, "DC=cp,DC=com", 2, "(cn=a*)", attrList, 0, &msg)
Result <0>: (null)
Matched DNs:
Getting 24 entries:
>> Dn:
CN=a86fe12a-0f62-4e2a-b271-d27f601f8182,CN=Operations,CN=DomainUpdates,CN=System,DC=cp,DC=com
2> objectClass: top; container;
1> cn: a86fe12a-0f62-4e2a-b271-d27f601f8182;
1> distinguishedName:
CN=a86fe12a-0f62-4e2a-b271-d27f601f8182,CN=Operations,CN=DomainUpdates,CN=System,DC=cp,DC=com;
1> name: a86fe12a-0f62-4e2a-b271-d27f601f8182;
1> canonicalName: cp.com/System/DomainUpdates/Operations/a86fe12a-0f62-4e2a-b271-d27f601f8182;
>> Dn: CN=ab402345-d3c3-455d-9ff7-40268a1099b6,CN=Operations,CN=DomainUpdates,CN=System,DC=cp,DC=com
2> objectClass: top; container;
1> cn: ab402345-d3c3-455d-9ff7-40268a1099b6;
1>
distinguishedName: CN=ab402345-d3c3-455d-9ff7-40268a1099b6,CN=Operations,CN=DomainUpdates,CN=System,DC=cp,DC=com;
1> name: ab402345-d3c3-455d-9ff7-40268a1099b6;
1> canonicalName: cp.com/System/DomainUpdates/Operations/ab402345-d3c3-455d-9ff7-40268a1099b6;
>> Dn: CN=ab9b6f9e-7ef4-4e9a-902d-ae9a3881bce9,CN=Packages,CN=Class Store,CN=Machine,CN={4627307D-103B-4A81-99D0-B5B06B8AD999},CN=Policies,CN=System,DC=cp,DC=com
2> objectClass: top; packageRegistration;
1> cn: ab9b6f9e-7ef4-4e9a-902d-ae9a3881bce9;
1> distinguishedName: CN=ab9b6f9e-7ef4-4e9a-902d-ae9a3881bce9,CN=Packages,CN=Class Store,CN=Machine,CN={4627307D-103B-4A81-99D0-B5B06B8AD999},CN=Policies,CN=System,DC=cp,DC=com;
1> name: ab9b6f9e-7ef4-4e9a-902d-ae9a3881bce9;
1> canonicalName: cp.com/System/Policies/{4627307D-103B-4A81-99D0-B5B06B8AD999}/Machine/Class Store/Packages/ab9b6f9e-7ef4-4e9a-902d-ae9a3881bce9;
>>
Dn: CN=abab2104-5729-4bed-ac94-a65c89516e84,CN=AppCategories,CN=Default Domain Policy,CN=System,DC=cp,DC=com
3> objectClass: top; leaf; categoryRegistration;
1> cn: abab2104-5729-4bed-ac94-a65c89516e84;
1> distinguishedName: CN=abab2104-5729-4bed-ac94-a65c89516e84,CN=AppCategories,CN=Default Domain Policy,CN=System,DC=cp,DC=com;
1> name: abab2104-5729-4bed-ac94-a65c89516e84;
1> canonicalName:
cp.com/System/Default Domain Policy/AppCategories/abab2104-5729-4bed-ac94-a65c89516e84;
>> Dn: CN=Account Operators,CN=Builtin,DC=cp,DC=com
2> objectClass: top; group;
1> cn: Account Operators;
1> description: Members can administer domain user and group accounts;
1> distinguishedName: CN=Account Operators,CN=Builtin,DC=cp,DC=com;
1> name: Account Operators;
1> canonicalName:
cp.com/Builtin/Account Operators;
>> Dn: CN=Administrator,CN=Users,DC=cp,DC=com
4> objectClass: top; person; organizationalPerson; user;
1> cn: Administrator;
1> description: Built-in account
for administering the computer/domain;
1> distinguishedName: CN=Administrator,CN=Users,DC=cp,DC=com;
1> name: Administrator;
1> canonicalName: cp.com/Users/Administrator;
>> Dn: CN=Administrators,CN=Builtin,DC=cp,DC=com
2> objectClass: top; group;
1> cn: Administrators;
1> description: Administrators have complete and unrestricted access to the computer/domain;
1> distinguishedName: CN=Administrators,CN=Builtin,DC=cp,DC=com;
1> name: Administrators;
1> canonicalName: cp.com/Builtin/Administrators;
-
 Guy
recommends: The SolarWinds ipMonitor
My attraction to
ipMonitor is
because it inhabits that zone of part work, part
play; Guy just could not put the dashboard away. This excellent performance
monitor will get you started in the quest to remove bottlenecks on your network. SolarWinds provides this fully-functioning product free for 21 days. So
download
and install ipMonitor, then start scrutinizing your computers CPU, memory and disk
performance. You can also select from zillions more performance counters such as
fan temperature and battery level.
Installing ipMonitor is a breeze, but learn from gung-ho Guy's mistake and install SNMP
on each computer that you wish to monitor. What sealed my unreserved
recommendation of SolarWinds is their support team, you will get expert help even
when you are evaluating the ipMonitor. One last point, SolarWinds are offering a
40% discount until Sept 26th.
Download SolarWinds ipMonitor (21 days eval)
Microsoft's LDP is a tricky program to get started. This page gives you a step-by-step tutorial to create LDAP queries against a Windows Server 2003 Active Directory. Get your copy of LDP from
the Windows Server 2003 Support Tools.
Download LDP
See Also
● ADSI Edit
● ADSI More Examples ●
ADModify
● LDP ●
Replmon
●
Performance Monitor Tool
|
