Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-lds]

AD LDS is Active Directory Lightweight Directory Services and was previously known as ADAM (Active Directory Application Mode).

This is a role first made available in Windows Server 2008. ADLDS is a LDAP server. See http://go.microsoft.com/fwlink/?LinkId=96084 for an overview.

The following step by step guide should be useful to anyone new to ADLDS http://technet.microsoft.com/en-us/library/cc731246(v=WS.10).aspx .

64 questions
6
votes
1 answer

Replication of lockoutTime attribute is not urgent on AD-LDS

I have two LDS servers on the same subnet. They replicate well. If I change an attribute, it gets replicated after 15 seconds. LDS is configured to honor password policies. When a user makes too many wrong password attemps, his account is locked…
ixe013
  • 928
  • 2
  • 7
  • 25
4
votes
1 answer

AD LDS cannot connect to port 389

I am trying to replicate an AD domain to a server hosting AD Lightweight Directory Services (AD LDS). In the instance setup wizard, I am choosing "A replica of an existing instance". After I enter the FQDN of any domain controller & port 389, it…
B. Thomas
  • 41
  • 3
4
votes
1 answer

What is MS-Membership Transitive.LDF?

When installing ad-lds, you have the option to import several LDF files. Some of them are described here: http://technet.microsoft.com/en-us/library/cc771943.aspx. Can anyone tell me what the MS-Membership Transitive.LDF file is all about?
BVernon
  • 391
  • 6
  • 18
4
votes
1 answer

Can you authenticate into SSAS with AD LDS (ADAM) accounts?

I'm very new to AD LDS and experienced but not qualified with SSAS, so my apologies for my ignorances with these. We have a couple implementations where we expose SSAS via an HTTPS proxy (msmdpump.dll) and currently we have a temporary domain setup…
Jaxidian
  • 283
  • 3
  • 5
  • 19
3
votes
1 answer

Active Directory Module for PowerShell Get-ADObject and Set-ADObject don't work with custom attribute

I am trying to work with a custom attribute in an AD LDS instance that I did not create, using the Active Directory Module for PowerShell. Unfortunately, the cmdlets Get-ADObject and Set-ADObject are not returning the results I expected. In fact,…
MasterOfNone
  • 174
  • 1
  • 8
3
votes
1 answer

PowerShell AD LDS query with filter using wildcard not behaving as expected

I am the administrator for a learning management system website that stores its page structure in AD LDS. I am trying to run a query to get objects (pages on the site) matching a filter for distinguishedName. My filter is not behaving as…
MasterOfNone
  • 174
  • 1
  • 8
3
votes
3 answers

AD LDS service account as local admin to allow SSL connection?

I am installing Active Directory Lightweight Directory Services (AD LDS, aka ADAM) on a Windows 2012 vm. After finally getting the configuration of the directory and synchronization handled, I am now running into an interesting problem. I have…
bgStack15
  • 911
  • 1
  • 9
  • 23
3
votes
1 answer

Dynamic group membership to work around no nested security group support for Active Directory

My problem is that I have a number of network administration applications like SAN switches that do not support nested groups from Active Directory Domain Services (AD DS). These legacy administration applications use either LDAP or LDAPS. I am…
Bernie White
  • 1,024
  • 7
  • 17
3
votes
2 answers

Active Directory LDS Structure Best Practices

I'm looking for guidance in structuring an LDS directory and finding only best practices targeted at Domain Services. Does anyone here have references for the hierarchical structure we set up in the directory? I'm interested in small items, like…
Mark A Johnson
  • 210
  • 1
  • 5
3
votes
2 answers

AD LDS High availability

We are currently using CAS for multiple directory authentication. AD for internal users, AD LDS for external users. I've read that NLB is a possible solution, but wondering if this is possible with SRV records, and how about you would correctly…
cluckinchicken
  • 43
  • 1
  • 1
  • 5
3
votes
2 answers

AD DS or AD LDS

I need a suggestion about having AD DS or AD LDS for my infrastructure. I have a website which as of now do not have any log in facility for the visitors, now we are developing a new application so that the visitors can create account on the…
Rajeev
  • 187
  • 2
  • 9
2
votes
1 answer

When is AD LDS really required

I have a question regarding to the purpose of AD LDS. Currently I am playing around with windows server infrastructure to have a better understanding of their inner workings and aim to build a simple test network. I have finished installing and…
weejing
  • 21
  • 1
  • 2
2
votes
1 answer

Configuring two AD LDS instances to synchronize with one another

I'm trying to find information on synchronizing multiple AD LDS instances with each other, but all the information I'm finding via Google is about synchronizing AD LDS to AD DS. I would appreciate it if anyone could point me toward some articles on…
BVernon
  • 391
  • 6
  • 18
2
votes
0 answers

Forcing not-yet-known SID value in AD LDS userProxy account

We are dealing with a chained provisioning request, the goal being to create successively an AD account and an AD LDS userProxy account associated with the just created AD account. The AD account SID is retrieved just after creation and given in AD…
lledr
  • 141
  • 5
2
votes
0 answers

AD LDS query fails to get second page of large number of groups

We hit the 1015 limit in AD DS, so we are exploring AD LDS as an alternative. To test the limit, I've created >32,000 groups, each nested inside another, with my user in the top and bottom level group. This query works for the first page, but fails…
Jason Dentler
  • 21
  • 4
1
2 3 4 5