This blog is designed as a complement to my FTP and LDAP - Part 1: How to Use Managed Code (C#) to Create an FTP Authentication Provider that uses an LDAP Server blog post. In this second blog, I'll walk you through the steps to set up an Active Directory Lightweight Directory Services (AD LDS) server, which you can use with the custom FTP LDAP Authentication provider that I discussed in my last blog.
The following steps will walk you through installing Active Directory Lightweight Directory Services on a computer that is running Windows Server 2008.
Note: Before completing these steps I created a local user account named "LdapAdmin" that I would specify the administrative account for managing my LDAP instance. This user account was only a member of the local "Users" group, and not a member of the local "Administrators" group.
For additional information about working with AD LDS instances, see the following URLs:
While this is technically outside the scope of setting up the LDAP server, I'm reposting the notes from my last blog about adding the FTP LDAP Authentication provider and adding authorization rules for FTP users or groups.
Once these settings are configured and users connect to your FTP site, the FTP service will attempt to authenticate users from your LDAP server by using the custom FTP LDAP Authentication provider.
This tutorial has been great and I just had a couple questions of how to authenticate the users information from a remote client.
For example, I've created my AD LDS instance on a windows 2012 server and now I'm trying to use python-ldap to connect to this AD LDS instance from another computer to check user credentials.
Can you explain to me how to do this?
Thanks a lot,
I've never tried to access AD LDS from Python, so I'm a bit out-of-context on what it might take to get that working, but most of the problems that I have seen regarding issues when connecting to AD LDS have been related to security problems of one sort or other (e.g. authenticating to AD LDS, etc.) With that in mind, I found the following thread on Stack Overflow that might help:
I've followed the steps that you posted in setting up the AD LDS and I've managed to connect to it using ADSI and ldp.exe, I was just wondering if there was a way that I can remotely access the AD LDS instance with all the user credentials and check them? It doesn't have to be python.
How do you set a password for your application directory partition so I can increase the security of binds to it.