Anonymous searching problem

[FET]

Hello,
I have an active directory set up on a Windows server 2003 box
configured as a Domain Controller. I have created an OU under the
default domain and want it to be available to the public. When I right
click and go to the Delegation of Control wizard, and click on the
"Add" button to add users, an error comes saying "Location could not
be found".
I have used "dsacls" to grant read permission to the
"dc=Somedomain,dc=com" DN. But even that is of no use.
Using an ldap client, I connect to port 3268 (instead of 389) but even
that doesn't show the OU that I have added.
I only want that OU to be available to any person who does a bind with
NULL,NULL as username,password.
Please help me.
Thanks in advance.

Regards.

 

[Tony Murray [MVP]]

In Windows 2000 AD anyonmous queries were enabled by
default. In Windows 2003 anonymous queries are by default
disabled, with the exception of queries to RootDSE. You
can change the default behaviour.

http://support.microsoft.com/default.aspx?scid=kb;
[LN];326690

Tony
www.activedir.org

 

[FET]

Hi again,
I read that and decided to create a user having read-only credentials
rather than try giving anonymous access, coz it just doesn't work.
Even from LDP, I have to click on that box that says "domain" and give
a domain, only then will it authenticate me anonymously, but from the
java application I am making, I can't do it. I am trying to search a
tree of the structure:

cn=user1,ou=MyOU,o=MyO,c=IN,dc=myDomain,dc=com

I simply want to iterate through whatever attributes it has and
display them in a dialog. But I get the following error:

netscape.ldap.LDAPException: error result (32); 0000208D: NameErr:
DSID-03151E4D, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=myDomain,DC=com'
; matchedDN = DC=myDomain,DC=com; No such object

Please help as I dont know what I am doing wrong.
Regards.