Active Directory management is achievable with the help of Windows Support Tools utility provided by Microsoft. The Windows support tool Ldp.exe is widely used by administrators as an Active Directory browser to perform LDAP search operation. The Lightweight Directory Access Protocol utility facilitates administrator to search for particular information through a given search criteria. This client utility can also be utilized effectively to glance through and query an LDAP based directory service such as the Active Directory.
To utilize LDP utility, the first step that needs to be taken is to connect and bind to the Active Directory for authentication. In fact, here are the steps that must be followed for connecting to the Active Directory:
1.On the Connections menu, click Connect.
2.In the dialog box, type the name of the directory server and then click OK.
Note: In case the name of the directory server in not mentioned, then the possibility is very high that the LDP will connect you to your logon server (LOGONSERVER). In fact, it may also connect you to the last server that was accessed.
After establishing the required connection with the Active Directory, a message featuring "RootDSE" information is send. This is very important information because you may require this message to use with ldp.exe utility as an Active Directory browser.
In order to bind to the directory, on the Connections menu, just click Bind so that you can authenticate yourself to the AD. The moment you get connected and authenticated to the Active Directory, you can enjoy the liberty of browsing information depending upon the permissions that have been assigned to your account. For attributes and parts of the AD tree for which access is denied, information will not be displayed.
Since the Active Directory is LDAP compliant, almost all the information is generally arranged in a hierarchical tree arrangement. Consequently, if you really wish to browse through the structure, the accurate LDAP query must be used. To browse through the directory, it is very crucial to view and analyze its tree structure. In fact, here are the steps that you need to follow:
1.On the View menu, click Tree and enter the base Distinguished Name (DN).
2.Enable the Auto Base DN Query Option and click OK to connect to the defaultNamingContext of the tree root.
In just a matter of a few minutes, the Active Directory tree structure will be displayed in the left pane of the LDP utility. And when you expand them it will display all the objects and containers. Just double click on any object on the directory tree and you will be able to view its attributes and along with the information of that particular attribute on the right pane of the LDP utility.
Results are displayed either in String format or Binary format, but it primarily depends upon the configuration of Value Parsing option (In the Options Dialog Box, click General and change the Value Parsing option to String). In String format, object attributes are displayed as follows:
Ldp: Binary blob
The LDP utility overwrites the older results with new information; therefore; increase the buffer size to retain more data. It is possible to save the results in plain text format and export the search results.
No comments:
Post a Comment