Re: LDAP proxy, forwarding or redirect

Tech-Archive recommends: Fix windows errors by optimizing your registry

Great, thanks. I will install ADAM and use that.
"Ryan Hanisco" <RyanHanisco@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:80DFB7CA-49AC-4E55-90B4-01042C83C0EA@xxxxxxxxxxxxxxxx
Kevin,

I agree with Al, you certainly could use something like ISA Server to
forward requests, but you would be much better served by ADAM and its AD
synchronization features. This will give you a flexible, extensible LDAP
provider that is able to accept one-way synchs with AD.
--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
http://www.techsterity.com
Chicago, IL

Remember: Marking helpful answers helps everyone find the info they need
quickly.


"Al Mulnick" wrote:

There are applications that fit into this realm but it is not like it is
a
crowded market. That in itself causes some concern. I haven't used them.
Instead, I've had better luck with putting that kind of information in an
OpenLDAP or ADAM instance (the latter being preferred). You can use
freely
available Microsoft tools to push the mail addy's to the ADAM instance or
you could rig up something different if that makes it easier. There are
all
kinds of tools and information available.

It really is a question of policy though. If you need to go that route,
here's a freely available version:
http://ldap-proxy.sourceforge.net/ldap_proxy_release_notes.html
But I'd have to ask about the security policy if that's the way to go.
Seems odd to have anything in the DMZ talking back into the network for
anything vs. pushing subsets of data to the DMZ.

Al




"Kevin Nickell" <knickell@xxxxxxxxxx> wrote in message
news:eiLpL$9HIHA.1204@xxxxxxxxxxxxxxxxxxxxxxx
I have a Windows 2003 server in the DMZ and I need to perform LDAP
lookups
off this box from our SPAM provider. Due to routing within the
environment, there is no way to LDAP directly from the outside to a GC
already running the LDAP listener on the inside. So, instead I am
curious
if an LDAP redirector works? IS there anything I can load on the box in
the DMZ (Which does have LDAP and GC access into the inside) that will
redirect or proxy or forward LDap lookups and/or cache and respond to
LDAP
requests.

My firewall will not provide proxy services, only port filtering, so
that
isn't an option.

Kevin






.

Relevant Pages

  • Re: LDAP proxy, forwarding or redirect
    ... forward requests, but you would be much better served by ADAM and its AD ... This will give you a flexible, extensible LDAP ... OpenLDAP or ADAM instance. ... anything vs. pushing subsets of data to the DMZ. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Keep ADAM proxies up-to-date through LDIFDE
    ... ADAM is AD LDS it's stamped all over it in W2k8 server so we just ... I'm not so sure about the currency of your perf observations; other LDAP ... surprise" does not cut it IMO if we want to win people over to ADAM. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM Bind Redirection question
    ... ADAM relies on windows auth mechanisms, it does not keep an ldap connection ... Windows domain in order to enable proxy binds. ... the idea here is to use AD secure binding with Active ...
    (microsoft.public.windows.server.active_directory)
  • Re: Virtual List View functionality in ADAM and Outlook
    ... point to ADAM from outlook using generic LDAP then I at least have a solution ... As for VLV- ADAM does support it. ... continue to try to manage this volume of information with MIIS? ... but my understanding of VLV's is that the client has to ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD or ADAM as a user database
    ... SQL system. ... ADAM with SSL will ... Learning how to design LDAP schema isn't hard as there isn't too much to it, ...
    (microsoft.public.windows.server.active_directory)