Use Ldp.exe to Manage an AD LDS Instance

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Ldp.exe is a graphical user interface (GUI) tool for general administration of a Lightweight Directory Access Protocol (LDAP) directory service. To use Ldp.exe to administer an Active Directory Lightweight Directory Services (AD LDS) instance, you must connect and bind to the instance and then display the hierarchy (tree) of a distinguished name of the instance. You can then browse to an object in the tree and right-click the object to administer it.

Membership in the Administrators group of the AD LDS instance is the minimum required to complete this procedure. By default, the security principal that you specify as the AD LDS administrator during AD LDS setup becomes a member of the Administrators group in the configuration partition. For more information about AD LDS groups, see Understanding AD LDS Users and Groups.

To view the contents of an AD LDS instance using Ldp.exe

  1. Open Ldp.

  2. On the Connection menu, click Connect.

  3. In Server, type the Domain Name System (DNS) name, NetBIOS name, or IP address of the computer on which the AD LDS instance is running.

  4. In Port, type the LDAP or Secure Sockets Layer (SSL) communication port number used by the AD LDS instance to which you want to connect, and then click OK.

  5. On the Connection menu, click Bind.

  6. Do one of the following:

    • To bind using the credentials that you logged on with, click Bind as currently logged on user.

    • To bind using a domain user account, click Bind with credentials, type the user name, password, and domain name (or the computer name, if you are using a local workstation account) of the account that you are using, and then click OK.

    • To bind using just a user name and password, click Simple bind, type the user name and password of the account that you are using, and then click OK.

    • To bind using an advanced method (NTLM, Distributed Password Authentication (DPA), negotiate, or digest), click Advanced (method), click Advanced, in Method select the desired method, set other options as needed, and then click OK.

  7. When you are finished specifying the bind options, click OK.

  8. On the View menu, click Tree.

  9. In the BaseDN list, click the distinguished name of the object to use as the base object in the navigation pane.

Additional considerations

  • To open Ldp, click Start, point to Run, type ldp, and then click OK.

  • The default communication port for LDAP is 389. The default communication port for SSL is 636.

  • To connect to an AD LDS instance running on the local computer, type localhost as the server name.
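
The connect, bind, and view-tree steps above can also be scripted. The following PowerShell is an added example, not part of the original procedure or a Microsoft-supplied script; it uses the .NET System.DirectoryServices.Protocols classes, and the function name Get-AdLdsTree and its parameters are hypothetical names chosen for illustration.

```powershell
# Added example (not from the original page): connect, bind, and list a tree level.
# Assumption: Get-AdLdsTree and its parameters are hypothetical names for illustration.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-AdLdsTree {
    param(
        [string]$Server = 'localhost',   # DNS name, NetBIOS name, or IP address
        [int]$Port = 389,                # 389 = default LDAP port, 636 = default SSL port
        [switch]$UseSsl,                 # set when $Port is the instance's SSL port
        [string]$BaseDN                  # omit to list only the naming contexts
    )
    $ns   = 'System.DirectoryServices.Protocols'
    $id   = New-Object "$ns.LdapDirectoryIdentifier" -ArgumentList $Server, $Port
    $conn = New-Object "$ns.LdapConnection" -ArgumentList $id
    try {
        $conn.SessionOptions.ProtocolVersion = 3
        if ($UseSsl) { $conn.SessionOptions.SecureSocketLayer = $true }

        # Equivalent of "Bind as currently logged on user". AuthType also has
        # Basic (simple bind), Ntlm, Dpa and Digest; a simple bind sends the
        # password unprotected unless the connection uses SSL.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.Bind()

        if (-not $BaseDN) {
            # RootDSE: empty base DN, base scope; namingContexts = hosted partitions.
            $scope = [System.DirectoryServices.Protocols.SearchScope]::Base
            $attrs = [string[]]@('namingContexts')
            $req = New-Object "$ns.SearchRequest" -ArgumentList '', '(objectClass=*)', $scope, $attrs
            $root = $conn.SendRequest($req).Entries[0]
            return $root.Attributes['namingContexts'].GetValues([string])
        }

        # One level below the chosen base object, as when expanding a node in the tree.
        $scope = [System.DirectoryServices.Protocols.SearchScope]::OneLevel
        $attrs = [string[]]@('objectClass')
        $req = New-Object "$ns.SearchRequest" -ArgumentList $BaseDN, '(objectClass=*)', $scope, $attrs
        foreach ($entry in $conn.SendRequest($req).Entries) { $entry.DistinguishedName }
    }
    finally { $conn.Dispose() }
}

# Usage: list partitions, then browse the first level of one of them.
# Get-AdLdsTree -Server localhost -Port 389
# Get-AdLdsTree -Server localhost -Port 389 -BaseDN '<distinguished name from the list>'
```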
