ldap?

James W. Long

Hi

Just a question about what I don't know.

When did DNS start using ldap?
I thought it only used tcp and udp on port 53
and a random port above 1024 for the answer.

I see all that stuff in my AD DNS server but I don't really
know why it's there.

Is lightweight directory access protocol used
just between the DNS server and AD on the
local DC machine(s) or does ldap get routed to
other DCs and DNS servers on the internet? If that's
the case, are MS DC DNS servers the only ones
who use it? And then the question arises,
if a non ldap inclined DC DNS server works fine
without ldap, then why is ldap used?

Thanks
James Long
 
James W. Long said:
> Hi
>
> Just a question about what I don't know.
>
> When did DNS start using ldap?
> I thought it only used tcp and udp on port 53
> and a random port above 1024 for the answer.

Never did nor will use LDAP. AD uses that, on port 389. AD also uses LDAP to
search the GC on port 3268.
DNS is queried to FIND the LDAP services and what port they're using in those
SRV records.

> I see all that stuff in my AD DNS server but I don't really
> know why it's there.

Leave it there. Big smile. :-)

> Is lightweight directory access protocol used
> just between the DNS server and AD on the
> local DC machine(s) or does ldap get routed to
> other DCs and DNS servers on the internet?

Yes and no. AD uses LDAP. Period. You can access any sort of LDAP directory
using the LDAP protocol. LDAP is the protocol used to search an X.500
Directory Service. It's a standard implemented by the IETF that was first
defined in 1982 then refined in 1984. Banyan VINES was the first to use it
in their StreetTalk product. Then a couple of other Unix systems came with
their own products based on the X.500 implementation, such as NIS for Sun.
Then Novell came out with their version of an X.500 system, called NDS. Then
Microsoft followed suit with their product based on the same X.500
standard, called Active Directory. Other companies have X.500 systems as
well. I believe even the iDEN technology that Nextel uses for Direct Connect
is also based on X.500. LDAP just searches it.

> If that's
> the case, are MS DC DNS servers the only ones
> who use it? And then the question arises,
> if a non ldap inclined DC DNS server works fine
> without ldap, then why is ldap used?

AD is the only X.500 service to use DNS as its hierarchal structure. It's an
advantage due to the recent implementation of the SRV records. So it works
two-fold. It's an Internet naming/hierarchy strategy for domains and at the
same time it stores the LDAP, Kerberos, etc, resources and service locations
in DNS.

> Thanks
> James Long

btw- In case you were to ask, Kerberos is used for authentication between
systems and services in AD.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroup so all
can benefit. This posting is provided "AS-IS" with no warranties and
confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
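
The SRV lookup described in the reply above, as an added example that is not part of the original thread: it parses constructed zone-file SRV lines to show what a client learns from DNS before it speaks LDAP or Kerberos, and flags records advertising a port other than the expected one. The domain example.test, its hosts and the function names are assumptions made for illustration.

```python
# Added example. SAMPLE_ZONE is constructed: example.test and its hosts are made up.
from collections import defaultdict

SAMPLE_ZONE = """\
_ldap._tcp.example.test.      600 IN SRV 0  100 389  dc1.example.test.
_ldap._tcp.example.test.      600 IN SRV 10 100 389  dc2.example.test.
_ldap._tcp.example.test.      600 IN SRV 20 100 8389 old-host.example.test.
_gc._tcp.example.test.        600 IN SRV 0  100 3268 dc1.example.test.
_kerberos._tcp.example.test.  600 IN SRV 0  100 88   dc1.example.test.
dc1.example.test.             600 IN A   192.0.2.10
"""

# Ports named in the thread (389, 3268) plus Kerberos' standard port 88.
EXPECTED_PORTS = {"ldap": 389, "gc": 3268, "kerberos": 88}

def parse_srv(zone_text):
    """Return {(service, proto): [(priority, weight, port, target), ...]}."""
    found = defaultdict(list)
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) != 8 or f[2:4] != ["IN", "SRV"]:
            continue  # not an SRV record (e.g. the A record above)
        labels = f[0].split(".")
        if len(labels) < 3 or not all(lab.startswith("_") for lab in labels[:2]):
            continue  # RFC 2782 owner names look like _service._proto.name
        prio, weight, port = (int(x) for x in f[4:7])
        key = (labels[0][1:], labels[1][1:])
        found[key].append((prio, weight, port, f[7].rstrip(".")))
    for records in found.values():
        # Lowest priority is tried first; real clients then pick among equal
        # priorities at random in proportion to weight, which is skipped here.
        records.sort(key=lambda r: r[0])
    return dict(found)

def locate(zone_text, service, proto="tcp"):
    """The DNS answer a client acts on: (host, port) pairs in the order tried."""
    records = parse_srv(zone_text).get((service, proto), [])
    return [(target, port) for _, _, port, target in records]

def unexpected_ports(zone_text, expected=EXPECTED_PORTS):
    """List SRV records whose advertised port differs from the expected one."""
    return [(svc, target, port)
            for (svc, _), records in parse_srv(zone_text).items()
            for _, _, port, target in records
            if svc in expected and port != expected[svc]]
```
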
 
"Ace Fekay [MVP]"

> Never did nor will use LDAP. AD uses that, on port 389. AD also uses LDAP to
> search the GC on port 3268.
> DNS is queried to FIND the LDAP services and what port they're using in those
> SRV records.
>
> Leave it there. Big smile. :-)

np. but it does concern me greatly that yet another
protocol comes and goes as it wishes between all these computers.
sign of the times.

> Yes and no. AD uses LDAP. Period. You can access any sort of LDAP directory
> using the LDAP protocol. LDAP is the protocol used to search an X.500
> Directory Service. It's a standard implemented by the IETF that was first
> defined in 1982 then refined in 1984. Banyan VINES was the first to use it
> in their StreetTalk product. Then a couple of other Unix systems came with
> their own products based on the X.500 implementation, such as NIS for Sun.
> Then Novell came out with their version of an X.500 system, called NDS. Then
> Microsoft followed suit with their product based on the same X.500
> standard, called Active Directory. Other companies have X.500 systems as
> well. I believe even the iDEN technology that Nextel uses for Direct Connect
> is also based on X.500. LDAP just searches it.
>
> AD is the only X.500 service to use DNS as its hierarchal structure.

thus allowing for further access by who knows.

> It's an advantage due to the recent implementation of the SRV records. So it works
> two-fold. It's an Internet naming/hierarchy strategy for domains and at the
> same time it stores the LDAP, Kerberos, etc, resources and service locations
> in DNS.
>
> btw- In case you were to ask, Kerberos is used for authentication between
> systems and services in AD.

on different systems I assume.
I feel so much safer now!
 
> np. but it does concern me greatly that yet another
> protocol comes and goes as it wishes between all these computers.
> sign of the times.

Don't know what you mean? LDAP has been around for a long time.

> on different systems I assume.
> I feel so much safer now!

Well, I meant communication between different Windows 2000, XP and Windows
2003 machines and services running on them. Not for legacy machines.
Yes, it is safe to walk outside now!!

Cheers!



--
Regards,
Ace

 
-I'm just cynical at times.

Thank you very much for that great info on ldap. I found it good to have the
background.

James
 
James W. Long said:
> -I'm just cynical at times.
>
> Thank you very much for that great info on ldap. I found it good to
> have the background.
>
> James

No problem. Ask anytime!
 