Connect Active Directory LDAP

Anonymous
2024-08-02T10:39:24+00:00

Hello all,

I have a strange issue with our Active Directory connection. As long as the client or server is connected to the domain, everything works fine.

I am able to use ldp.exe to connect to the domain on port 389 or 636.

But if I use a server without a domain connection, I receive error message 0x51. It doesn't matter which port is used.

If I test the same in our lab, all is good.

I have done some tests with DNS diagnostics, but all fine so far. I also tried Wireshark to check what happens, and I got the message

"Standard query response 0x4b35 No such name A <servername>.<domain> SOA <servername>.<domain>"

Also

"Standard query response 0x4b35 No such name SRV _ldap._tcp.<servername>.<domain> SOA <servername>.<domain>"

There is no firewall in between. I am able to resolve all names. I am also able to do a PowerShell tnc on both ports (389 and 636) to the domain controller.

Does anyone have an idea what it could be? If I were not able to use LDAPS with 636, then it could be a certificate issue. But 389 should still be possible.

There is also no domain restriction GPO for unrestricted LDAP access.

We are on our way to limit that access. But for that, all applications must work first.

Frank


5 answers

  1. Anonymous
    2024-08-02T11:41:21+00:00

    Hello Frank Müller (frank.mueller),

    Thank you for posting in the Microsoft Community forum.

    Based on the description "But if i use a Server without domain connection, i receive an error message 0x51.", do you mean the server is not in the domain, or the server is in a workgroup?

    If so, in my lab, it seems I get the same error message as you mentioned when I connect to the server via LDP on port 389.

    If you have any questions or concerns, please feel free to let us know.

    Best Regards,

    Daisy Zhou

  2. Anonymous
    2024-08-02T11:51:25+00:00

    Yes,

    I found out some minutes ago that you have to use the domain name instead of an explicit server.

    Frank

  3. Anonymous
    2024-08-05T09:41:23+00:00

    Hello

    Good day!

    If I use the domain name instead of an explicit server, I get the same error message.

    Image

    Best Regards,
    Daisy Zhou

  4. Anonymous
    2024-08-05T10:59:55+00:00

    Ok.

    And do you have an idea why?

    Frank

  5. Anonymous
    2024-08-06T08:27:16+00:00

    Hello

    Good day!

    Based on the article, I can see:

    Performs operations such as connect, bind, search, modify, add, delete against any Lightweight Directory Access Protocol (LDAP)-compatible directory, such as Active Directory Domain Services (AD DS). Ldp is an LDAP client that you use to view objects that are stored in AD DS along with their metadata, such as security descriptors and replication metadata.

    Ldp | Microsoft Learn

    I think if you want to connect to a domain from a machine, this machine should be in the domain or be able to access the domain (please check the DNS settings and the AD ports on the machine).

    In the screenshot I provided above, there are two different forests (a.com and lad.com) without any trust, so there should not be any connection or access permissions between them.

    Best Regards,
    Daisy Zhou

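The checks this thread turns on, as an added PowerShell example (not code from any post here): the DC locator SRV records that the captured query was looking for, the 389/636 reachability test from the question, and an explicit LDAP bind that does not depend on the host being domain-joined. The domain and DC names are placeholders, and the Negotiate bind with explicit credentials is an assumption about the environment.

```powershell
# Added example, not from the thread. Run on a non-domain-joined (workgroup) Windows host.
param(
    [string]$Domain = 'corp.example.com',                 # placeholder: your AD DNS domain name
    [string]$Dc     = 'dc01.corp.example.com',            # placeholder: an explicit DC FQDN
    [pscredential]$Credential = (Get-Credential -Message 'Domain account for the LDAP bind')
)

Add-Type -AssemblyName System.DirectoryServices.Protocols

# 1. DC locator records live under the DOMAIN name. A lookup under a server name, like the
#    "_ldap._tcp.<servername>.<domain>" query in the capture, correctly returns "no such name".
foreach ($name in "_ldap._tcp.dc._msdcs.$Domain", "_ldap._tcp.$Domain", "_ldap._tcp.$Dc") {
    $srv = Resolve-DnsName -Name $name -Type SRV -ErrorAction SilentlyContinue |
           Where-Object Type -eq 'SRV'
    if ($srv) {
        $targets = ($srv | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
        "SRV {0} -> {1}" -f $name, $targets
    } else {
        "SRV {0}: no such name (expected for a server name, a DNS problem for the domain name)" -f $name
    }
}

# 2. Raw TCP reachability of the LDAP ports, the same check as the question's "tnc".
foreach ($port in 389, 636) {
    $ok = (Test-NetConnection -ComputerName $Dc -Port $port -WarningAction SilentlyContinue).TcpTestSucceeded
    "TCP {0}:{1} reachable = {2}" -f $Dc, $port, $ok
}

# 3. An explicit bind: server, port and credentials are all supplied, so no DC locator lookup
#    is needed. Result 0x51 (LDAP_SERVER_DOWN) here means no LDAP conversation ever started.
function Test-LdapBind {
    param([string]$Server, [int]$Port, [pscredential]$Cred)
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection(
                $id, $Cred.GetNetworkCredential(),
                [System.DirectoryServices.Protocols.AuthType]::Negotiate)   # assumption: NTLM/Kerberos allowed
    $conn.SessionOptions.ProtocolVersion   = 3
    $conn.SessionOptions.SecureSocketLayer = ($Port -eq 636)   # LDAPS: the DC certificate must be trusted here
    try     { $conn.Bind(); "Bind to {0}:{1} succeeded" -f $Server, $Port }
    catch   { "Bind to {0}:{1} failed: {2}" -f $Server, $Port, $_.Exception.Message }
    finally { $conn.Dispose() }
}

Test-LdapBind -Server $Dc     -Port 389 -Cred $Credential
Test-LdapBind -Server $Dc     -Port 636 -Cred $Credential
Test-LdapBind -Server $Domain -Port 389 -Cred $Credential   # the domain-name form from the thread's workaround
```

If step 1 shows the domain SRV records and step 2 shows both ports open but the 636 bind alone fails, the remaining suspect is certificate trust on the workgroup host rather than DNS or port filtering.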