Ldap
Nahid Farrokhi edited this page Jan 31, 2019 · 1 revision

To add or edit a user in LDAP, you need admin privileges on the server.

- RDP to the server
- Go to `Control Panel` -> `Administrative Tools`
- Open `ADSI EDIT`
- Select `Action` -> `Connect to` from the top left menu
- Set the values in the connect dialog like this and then press `OK`
  - Distinguished name: `DC={dc},DC=am,DC=mds,DC={dc},DC=com`
  - Server name: `{IP}:{Port}`
- If you have admin privileges, you will see the list of users under the DC
- **Reset Password**: Select user -> right click -> select reset password
- **Edit User Properties**: Select user -> right click -> select `properties` -> select a property and edit
- **Add New User**
  - Select `Action` -> `New` -> `Object` from the top left menu
  - Select `User` -> press `Next`
  - Insert the user's `cn` value -> press `Next`
  - Click on `More Attributes`
  - Select a property and insert the value in the text box
    - Check the `msDS-UserAccountDisabled` property to make sure it is set to `False`. The default is `True` (disabled), and with that value user login will not be successful.
    - `employeeType` for contract users will be `CNT`, whereas that of retirees will be `RET`
  - Click on `Finish`
  - Refresh the list
  - The newly added user should be on the list
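
A check for the pitfall in the steps above (a new user cannot log in until `msDS-UserAccountDisabled` is `False`), as an added example that is not part of the original wiki page: it reads an LDIF export of the user entries and reports each account's login state and `employeeType`. The LDIF export, the sample entries and the function names are assumptions; `example` stands in for the page's `{dc}` placeholders.

```python
import base64

# Constructed sample export; "example" stands in for the page's {dc} placeholders.
SAMPLE_LDIF = """\
dn: CN=Alice Example,DC=example,DC=am,DC=mds,DC=example,DC=com
employeeType: CNT
msDS-UserAccountDisabled: FALSE

dn: CN=Bob Example,DC=example,DC=am,DC=mds,
 DC=example,DC=com
employeeType:: UkVU
msDS-UserAccountDisabled: TRUE

dn: CN=Carol Example,DC=example,DC=am,DC=mds,DC=example,DC=com
cn: Carol Example
"""

def parse_ldif(text):
    """Return one {attribute_lowercased: [values]} dict per record that has a dn."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded line: continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    records, cur = [], {}
    for line in lines + [""]:               # trailing "" flushes the last record
        if not line.strip():
            if "dn" in cur:                 # drops header records such as "version: 1"
                records.append(cur)
            cur = {}
        elif not line.startswith("#") and ":" in line:
            attr, _, value = line.partition(":")
            if value.startswith(":"):       # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            cur.setdefault(attr.lower(), []).append(value.strip())
    return records

def audit_users(text):
    """Return (dn, login_state, employeeType) for every user record."""
    rows = []
    for rec in parse_ldif(text):
        flag = rec.get("msds-useraccountdisabled", [""])[0].upper()
        state = {"FALSE": "enabled", "TRUE": "disabled"}.get(flag, "unset")
        rows.append((rec["dn"][0], state, rec.get("employeetype", ["unset"])[0]))
    return rows

if __name__ == "__main__":
    for row in audit_users(SAMPLE_LDIF):
        print(row)
```
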

- RDP to the server
- Download `LdapAdmin.exe`
- Connection settings:
  - Set Name: `{DC-name}`
  - Set Host: `{IP}`
  - Set Port: `{port}`
  - Select `GSS-API`
  - Check `anonymous connection`
  - Leave `username` and `password` empty
  - Click on `Test Connection`; you should get a success message
  - Click on `Fetch DNs`; three entries should appear in the list, one of which should be `DC={DC},DC=am,DC=mds,DC={DC},DC=com`
- Connection settings (SSL):
  - Set Name: `{Dc-Name}-ssl`
  - Set Host: `{IP}`
  - Set Port: `639`
  - Select `GSS-API`
  - Check `anonymous connection`
  - Check `SSL`
  - Leave `username` and `password` empty
  - Click on `Test Connection`; you should get a success message
  - Click on `Fetch DNs`; three entries should appear in the list, one of which should be `DC={DC},DC=am,DC=mds,DC={DC},DC=com`