I wasn't sure that is why I stated it that way. I am not doubting you I am only asking questions if it came across as doubting I do apologize And thank you for the good information on this Magnus -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Braebaum, Neil Sent: Tuesday, July 22, 2003 4:28 AM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: OT: LDAP Comments inline... > -----Original Message----- > From: Magnus [mailto:magnus@xxxxxxxx] > Sent: 21 July 2003 18:00 > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: OT: LDAP > > Although LDAP is LDAP Microsoft implementation of it is a > bit different than the open standard of LDAP. I'll ask again, in what *salient* manner? MS AD is LDAP v2 and v3 compliant - I have not had any specific *LDAP* issues accessing MS AD via other platforms. > Specifically what is different, I would have to check, but I > was under the impression that there are objects in MS LDAP > that you cannot access or change using a different LDAP > client (such as UNIX's implementation of LDAP) I might be wrong. The only difference I can think you are referring to, here, is the inetorg thing - and that is an object / class thing, as opposed to a protocol thing. The structure and security of the underlying directory behind the LDAP protocol is not fully part of the spec. I'll say again, I know of no protocol issues in accessing MS AD using pure LDAP - and I say this with experience. Unfounded or groundless accusations mean nothing, if they're not borne out, or experienced in practice. > I havent tried it myself so I couldn't give you specific > examples of the differences. Then try it yourself, and then come back if you still have the same complaints. In the meantime, accept the word of somebody doing this in the real world (ie accessing MS AD using pure LDAP from diverse platforms), who's telling you I've not encountered any protocol or access issues. > In order to use DL's that are defined in an AD domain the > mail server would have to authenicate to AD LDAP right? You could either authenticate, or bind anonymously depending on the configured security (which is outside of the spec of LDAP) in your AD. Regardless, this is the same issue you'd have with *any* LDAP directory - I urge you, if you truly are convinced there are such problems, then try it for yourself, and report back. In the meantime, I'll just say that your raised concerns are mostly unfounded - unless you have very specific needs - and even then, they can be overcome. I've not yet encountered *any* protocol issues with MS AD using LDAP. Neil *********************************************************************** This e-mail and its attachments are confidential and are intended for the above named recipient only. If this has come to you in error, please notify the sender immediately and delete this email from your system. You must take no action based on this, nor must you copy or disclose it or any part of its contents to any person or organisation. Statements and opinions contained in this email may not necessarily represent those of Littlewoods. Please note that email communications may be monitored. The registered office of Littlewoods Limited and its subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB. Registered number of Littlewoods Limited is 262152 *********************************************************************** ******************************************************** This weeks sponsor - IDP ServerBoss Restrict, Manage and Control Access to your applications and other valuable Citrix, Windows NT, 2000 and 2003 Server Resources http://www.serverboss.com/default.asp?partner=thethin ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This weeks sponsor - IDP ServerBoss Restrict, Manage and Control Access to your applications and other valuable Citrix, Windows NT, 2000 and 2003 Server Resources http://www.serverboss.com/default.asp?partner=thethin ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm