RE: Exchange Server 2003 user list

  • From: John Mason <John.Mason.Jr@xxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 17 Feb 2004 11:16:02 -0500

> -----Original Message-----
> From: A. Michael Salim [mailto:msalim@xxxxxxxxxxxx] 
> Sent: Monday, February 16, 2004 8:40 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: Exchange Server 2003 user list
> Hi,
> > Well is no other workstation needs LDAP then only allow connections 
> > from your workstation. I looked on my exchange 5.5 box and 
> don't see a 
> > method to limit the query to a domain. I do see the ability 
> to set the 
> > search base in Outlook XP.
> >
> > My guess would be that the permissions need to be set within AD 
> > itself, but I don't have a place to test the theory.
> Allowing LDAP to certain IP's is a good idea, but I can;t 
> seem to find a way to control LDAP access. I checked 
> everywhere in AD and Exchange Manager as well, and did not 
> see any place I can "control" LDAP.  Anyone know where 
> exactly is LDAP enabled/disabled in the Exchange Server, and 
> how can I put security restrictions on it?
> best regards
> Mike

I'm still in the learning phase as well but have come across a couple of
good references.

O'Reilly Active Directory 2nd Edition

Chapter 11 deals with the security issues

And AD Cookbook

4.23 modifing default query policy
MS KB 315071

14.4 restricting hosts from performing queries
MS KB 314976

14.15 enabling List Object Access Mode

Also MS website


Other related posts: