> -----Original Message----- > From: A. Michael Salim [mailto:msalim@xxxxxxxxxxxx] > Sent: Monday, February 16, 2004 8:40 PM > To: [ExchangeList] > Subject: [exchangelist] RE: Exchange Server 2003 user list > > > http://www.MSExchange.org/ > > Hi, > > > Well is no other workstation needs LDAP then only allow connections > > from your workstation. I looked on my exchange 5.5 box and > don't see a > > method to limit the query to a domain. I do see the ability > to set the > > search base in Outlook XP. > > > > My guess would be that the permissions need to be set within AD > > itself, but I don't have a place to test the theory. > > Allowing LDAP to certain IP's is a good idea, but I can;t > seem to find a way to control LDAP access. I checked > everywhere in AD and Exchange Manager as well, and did not > see any place I can "control" LDAP. Anyone know where > exactly is LDAP enabled/disabled in the Exchange Server, and > how can I put security restrictions on it? > > best regards > Mike > Mike, I'm still in the learning phase as well but have come across a couple of good references. O'Reilly Active Directory 2nd Edition Chapter 11 deals with the security issues And AD Cookbook 4.23 modifing default query policy References MS KB 315071 14.4 restricting hosts from performing queries References MS KB 314976 14.15 enabling List Object Access Mode references http://www.microsoft.com/serviceproviders/whitepapers/hvh_ad_deploy.asp Also MS website http://www.microsoft.com/serviceproviders/whitepapers/ad.asp John