Is my AD already an LDAP server?

I have installed an LDAP browser to try to browse my AD information (this is part of enabling the Google Directory Sync process).

However, I keep getting a connection error (using port: 19389).

The first question I have: is my Active Directory (2003R2 Server) already an LDAP server? (From the readings I understand that each AD is an implementation of LDAP.) So my answer would be yes.

In that case, why can't I connect? Is there any setting to enable such "LDAP" connections? (I feel not) I feel I am missing some crucial piece of information.

*I am using JXplorer as the LDAP browser.

This answer, "MS Active Directory as a simple LDAP server", directs me to use ADAM, but I can't see how this helps me.


Solution 1:

Yes, AD has LDAP as one component. You don't need to do anything to AD to allow an LDAP client to connect.

You need to bind (authenticate) to LDAP to be able to browse it; you need to put in your full DN in JXplorer as part of the credentials, and of course your password. Without knowing what you've tried so far, I can't give you much more direction.

Having said all that, I prefer ADExplorer from Sysinternals to a plain-jane LDAP browser. It's a little easier to use, since it's meant for use with AD specifically.

ADAM (AD LDS) is what you would use if you needed something almost entirely like AD, without needing an actual domain.
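
What the bind described in this answer looks like on the wire, as an added example that is not part of the original answer: it builds an RFC 4511 simple BindRequest carrying a full DN and decodes the server's BindResponse. The DN, password and response bytes are constructed sample values; note that a simple bind carries the password as-is, so on plain port 389 without TLS it crosses the network unencrypted.

```python
# Added example: LDAP simple bind (RFC 4511) encoded and decoded with BER.
# All DNs, passwords and response bytes below are constructed sample values.

def ber_len(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value

def bind_request(msg_id, dn, password):
    """LDAPMessage { messageID, BindRequest [APPLICATION 0] { 3, dn, simple [0] } }."""
    if not 0 < msg_id < 128:
        raise ValueError("example keeps messageID to one byte")
    op = tlv(0x60, tlv(0x02, b"\x03")               # version 3
                   + tlv(0x04, dn.encode())         # name: the full bind DN
                   + tlv(0x80, password.encode()))  # simple auth: password as-is
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                               # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def bind_result(response):
    """Decode a BindResponse into (resultCode, diagnosticMessage)."""
    tag, body, _ = read_tlv(response, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(body, 0)                   # skip messageID
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x61:                                 # [APPLICATION 1] BindResponse
        raise ValueError("not a BindResponse")
    _, code, pos = read_tlv(op, 0)                  # resultCode (ENUMERATED)
    _, _, pos = read_tlv(op, pos)                   # matchedDN
    _, diag, _ = read_tlv(op, pos)                  # diagnosticMessage
    return int.from_bytes(code, "big"), diag.decode()

SAMPLE_DN = "CN=Jane Doe,CN=Users,DC=example,DC=com"   # constructed
REQUEST = bind_request(1, SAMPLE_DN, "S3cret!")
# Constructed server replies: 49 = invalidCredentials, 0 = success
FAILURE = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61, tlv(0x0A, b"\x31") + tlv(0x04, b"") + tlv(0x04, b"bad DN or password")))
SUCCESS = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61, tlv(0x0A, b"\x00") + tlv(0x04, b"") + tlv(0x04, b"")))
```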

Solution 2:

Windows LDAP answers on port 389.

Solution 3:

From the Microsoft document titled Active Directory's LDAP Compliance:

Windows Server 2003

Building on the foundation established in Windows 2000 Server, the Active Directory service in Windows Server 2003 extends beyond the baseline of LDAP compliance into one of the most comprehensive directory servers offering a wide range of LDAP support. Accordingly, the Windows Server 2003 Active Directory service introduces a number of new LDAP capabilities targeted for IT professionals and application developers. Some of the latest LDAP features include:

• Dynamic Entries - Active Directory can store dynamic entries allowing the directory to assign Time-To-Live (TTL) values to determine automatic entry deletion.

• Transport Layer Security (TLS) - Connections to Active Directory over LDAP can now be protected using the TLS security protocol.