How to create a LDAP service account user and assign permissions

TheMSsForum.com: The Microsoft Software Forum

I want to setup an account in AD that allows some third-party systems to
query the AD using LDAP or secure LDAP to validate users credentials. We
have systems like WebSense that need to use a special LDAP account that has
rights to validate users ID and passwords before they are allowed access to
the Internet.

How to I get this to work?
Top

RE: How to create a LDAP service account user and assign permissions by Mrunyon

Mrunyon
Mon Jul 10 11:43:01 CDT 2006

Hey...I have the same issue. I have someone wanting to setup a "Jabber"
server on Linux. Anyone answer your question?

--
Matty


"Shawn Anthony" wrote:

> I want to setup an account in AD that allows some third-party systems to
> query the AD using LDAP or secure LDAP to validate users credentials. We
> have systems like WebSense that need to use a special LDAP account that has
> rights to validate users ID and passwords before they are allowed access to
> the Internet.
>
> How to I get this to work?
>
>
Top

Re: How to create a LDAP service account user and assign permissions by Joe

Joe
Mon Jul 10 16:03:23 CDT 2006

If you are using Active Directory, you simply create a user account. As
for how to configure the application, that depends on the application.
AD allows specifying credentials with several formats for LDAP binding
such as domain\userid, userprincipalname (like joe@domain.com), and DN.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Shawn Anthony wrote:
> I want to setup an account in AD that allows some third-party systems to
> query the AD using LDAP or secure LDAP to validate users credentials. We
> have systems like WebSense that need to use a special LDAP account that has
> rights to validate users ID and passwords before they are allowed access to
> the Internet.
>
> How to I get this to work?
>
>
Top

Re: How to create a LDAP service account user and assign permissions by Roger

Roger
Tue Jul 11 00:59:45 CDT 2006

Please clarify your post.
The subject says you need to create "a LDAP service account",
but the body of your post only indicates that you need an account
that can validate user credentials. As Joe indicated, any account
can do the last (but do use good safeguards in how you collect the
uid/pwd used in the validation). If however you are setting up a
Kerberos based service to be used by these third-party systems,
then please indicate as such.

"Shawn Anthony" <ShawnAnthony@discussions.microsoft.com> wrote in message
news:1D522F74-251B-4993-B045-5025225E5C8D@microsoft.com...
>I want to setup an account in AD that allows some third-party systems to
> query the AD using LDAP or secure LDAP to validate users credentials. We
> have systems like WebSense that need to use a special LDAP account that
> has
> rights to validate users ID and passwords before they are allowed access
> to
> the Internet.
>
> How to I get this to work?
>
>


Top

Re: How to create a LDAP service account user and assign permissions by S

S
Tue Jul 11 03:42:18 CDT 2006

I would guess that Websense will provide instructions.

Applications usually verify the users' credentials by reusing those for LDAP
bind - no account is necessary.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

"Shawn Anthony" <ShawnAnthony@discussions.microsoft.com> wrote in message
news:1D522F74-251B-4993-B045-5025225E5C8D@microsoft.com...
>I want to setup an account in AD that allows some third-party systems to
> query the AD using LDAP or secure LDAP to validate users credentials. We
> have systems like WebSense that need to use a special LDAP account that
> has
> rights to validate users ID and passwords before they are allowed access
> to
> the Internet.
>
> How to I get this to work?
>
>


Top