[THIN] Re: OT: LDAP

• From: "Magnus" <magnus@xxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Tue, 22 Jul 2003 08:35:45 -0400

I wasn't sure that is why I stated it that way.  I am not doubting you I am
only asking questions if it came across as doubting I do apologize
And thank you for the good information on this
Magnus

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Braebaum, Neil
Sent: Tuesday, July 22, 2003 4:28 AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: LDAP


Comments inline...

> -----Original Message-----
> From: Magnus [mailto:magnus@xxxxxxxx]
> Sent: 21 July 2003 18:00
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: LDAP
> 
> Although LDAP is LDAP  Microsoft implementation of it is a
> bit different than the open standard of LDAP.  

I'll ask again, in what *salient* manner?

MS AD is LDAP v2 and v3 compliant - I have not had any specific *LDAP*
issues accessing MS AD via other platforms.

> Specifically what is different, I would have to check, but I
> was under the impression that there are objects in MS LDAP 
> that you cannot access or change using a different LDAP 
> client (such as UNIX's implementation of LDAP) I might be wrong.

The only difference I can think you are referring to, here, is the inetorg
thing - and that is an object / class thing, as opposed to a protocol thing.

The structure and security of the underlying directory behind the LDAP
protocol is not fully part of the spec.

I'll say again, I know of no protocol issues in accessing MS AD using pure
LDAP - and I say this with experience.

Unfounded or groundless accusations mean nothing, if they're not borne out,
or experienced in practice.

> I havent tried it myself so I couldn't give you specific
> examples of the differences.

Then try it yourself, and then come back if you still have the same
complaints.

In the meantime, accept the word of somebody doing this in the real world
(ie accessing MS AD using pure LDAP from diverse platforms), who's telling
you I've not encountered any protocol or access issues.

> In order to use DL's that are defined in an AD domain the
> mail server would have to authenicate  to AD LDAP right?

You could either authenticate, or bind anonymously depending on the
configured security (which is outside of the spec of LDAP) in your AD.

Regardless, this is the same issue you'd have with *any* LDAP directory - I
urge you, if you truly are convinced there are such problems, then try it
for yourself, and report back.

In the meantime, I'll just say that your raised concerns are mostly
unfounded - unless you have very specific needs - and even then, they can be
overcome.

I've not yet encountered *any* protocol issues with MS AD using LDAP.

Neil

***********************************************************************
This e-mail and its attachments are confidential and are intended for 
the above named recipient only. If this has come to you in error, 
please notify the sender immediately and delete this email from your system.
You must take no action based on this, nor must you copy or disclose it or
any part of its contents to any person or organisation.

Statements and opinions contained in this email may not necessarily 
represent those of Littlewoods. Please note that email communications 
may be monitored. 

The registered office of Littlewoods Limited and its  subsidiaries is 100
Old Hall Street, Liverpool, L70 1AB. 
Registered number of Littlewoods Limited is 262152 
 ***********************************************************************
********************************************************
This weeks sponsor - IDP ServerBoss
Restrict, Manage and Control Access to your applications 
and other valuable Citrix,  Windows NT, 2000 
and 2003 Server Resources 
http://www.serverboss.com/default.asp?partner=thethin
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm


********************************************************
This weeks sponsor - IDP ServerBoss
Restrict, Manage and Control Access to your applications 
and other valuable Citrix,  Windows NT, 2000 
and 2003 Server Resources 
http://www.serverboss.com/default.asp?partner=thethin
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

• References:
  • [THIN] Re: OT: LDAP
    • From: Braebaum, Neil

Other related posts:

• » [THIN] OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP
• » [THIN] Re: OT: LDAP

1. Home
2. thin
3. Archive
4. 07-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---