I'm very familiar with DNS, but less so with LDAP.
In DNS I have the ability to delegate the CPU and IO load of referral chasing a given DNS query... or I can set norecurse and have the client perform those tasks (or not recurse at all)
My goal is to point my LDAP clients to a single corporate directory (AD or ADLS/ADAM) and then download SMIME certificates from my corporate directory, ldap.globaltrustpoint.com (link), or other directories as I see fit.
I'm following the directions here to add globaltrustpoint.com to the instance, and not sure how to test and see if LDAP referrals are more like a recursive or non-recursive query.
I'm also trying to figure out how to tell if this is a client-specific setting (Outlook, OSX mail, etc).
Any procedural help would be appreciated.
