Windows Server 2008:AD LDS application strategy

Source: Internet
Author: User
Tags ldap ldap port

This article together we understand the specific installation of AD LDS and simple application operations.

First, install the AD LDS server role

1. Click Start, and then click Server Manager.

2. In the console tree, right-click Roles, and then click Add Role.

3. View the information on the before start page of the Add Role Wizard, and then click Next.

4. On the Select Server Role page, in the Roles list, select the Active directory Lightweight directory service check box, and then click Next.

5. Follow the instructions in the wizard to complete the Add AD LDS server role.

Ii. use of AD LDS instances

(1) Create a new AD LDS instance

1. Click Start, point to Administrative Tools, and then click Active Directory Lightweight Directory Services Installation Wizard.

2. On the Welcome to the Active directory Lightweight Directory Service Installation Wizard page, click Next.

3. On the Installation Options page, click a unique instance, and then click Next.

4. On the Instance Name page, provide the name of the AD LDS instance that you want to install. This name is used to uniquely identify the AD LDS instance on the local computer. Accept the default name Instance1, and then click Next.

5. On the Ports page, specify the communication port that the AD LDS instance uses for communication. AD LDS can communicate using LDAP and Secure Sockets Layer (SSL), so you must provide a value for each port.

For this exercise, accept the default values 389 and 636, and then click Next.

Note: If you install AD LDS on a computer that uses either of the default ports, the Active directory Lightweight Directory Services Installation Wizard will automatically find the first available port starting with 50000. For example, Active directory Domain Services (AD DS) Use ports 389 and 636, and ports 3268 and 3269 on global directory servers. Therefore, if you install AD LDS on a domain controller, the Active directory Lightweight Directory Services Installation Wizard will provide the LDAP port with a default value of 50000 and a default value of 50001 for the SSL port.

6. On the Application directory partitions page, you can create an application directory partition (or naming context) by clicking Yes, creating an application directory partition. Alternatively, you can click No, do not create an application directory partition, in which case you must manually create an application directory partition after installation. Click Yes to create an application directory partition.

Type O=microsoft,c=us as the distinguished name for this application directory partition, and then click Next.

Note: AD LDS supports the X.500 style and domain Name System (DNS) style distinguished names of top-level directory partitions.

7. On the File Location page, you can view and change the installation directory for the AD LDS data and Recovery (log) files. By default, AD LDS data and recovery files are installed in%ProgramFiles%\Microsoft Adam\instancename\data, where instancename represents the AD LDS instance name specified on the Instance Name page. Click Next to accept the default file location.

8. On the Service Account Selection page, select the account that you want to use as the AD LDS service account. The selected account determines the security context in which the AD LDS instance is running. The Active directory Lightweight Directory Services Installation Wizard defaults to using Network service accounts. Click Next to accept the Network Service account default value. Or, if you are installing AD LDS on a domain controller, click this account, and then select the domain user account to use as the AD LDS service account.

9. On the AD LDS Administrator page, select a user or group as the default administrator for an AD LDS instance. The user or group you select will have full administrative control over the AD LDS instance. By default, the Active Directory Lightweight Directory Service Installation Wizard specifies the currently logged-on user. You can change this selection to any local (or domain) account (or group) on the network. Click the default value for currently logged-on user, and then click Next.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.