
I am attempting to configure a system that will allow me to search an Active Directory via an LDS instance.

So far I have:

  • One Windows 10 machine with the LDP client installed
  • One virtual Windows Server 2016 machine with an AD and domain controller
  • One virtual Windows Server 2016 machine with an LDS instance

The server hosting the LDS instance has been added to the same domain as the domain controller, allowing me to bind to users within the AD via LDAP.

However, I am unable to search for users despite being bound to a user in the Active Directory I am attempting to search. The issue appears to relate to LDAP referrals, such that if I add the IP address and domain of the AD to the hosts file on the client machine, the LDP client will successfully find the users in the AD. If I remove the entry from the hosts file, the LDP client no longer seems to be able to resolve the domain name.

Biggy

1 Answer

This sounds like a DNS issue. Since the Windows 10 machine is not joined to the domain, it has no idea what your domain name means.

I assume that your Windows 10 machine is using a public DNS server (from your ISP?), which has no idea your domain exists. So when you look up the domain, you will get no result. You can test this in the command line with (use your domain name instead of "domain.com"):

nslookup domain.com

So it makes sense that it works when you add the domain to the hosts file. That is your easiest solution.

If you want a different solution, then you need to set the DNS server of your Windows 10 machine to a DNS server that is aware of your domain. You could even use your domain controller as the DNS server (I believe every domain controller can act as a DNS server).

Gabriel Luci
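
The DNS check described in the answer above, extended into a small PowerShell diagnostic (an added example, not part of the original answer). It queries the domain's A record and the domain controller locator SRV record, first through the client's configured DNS server and then directly against the domain controller, while ignoring the hosts file so that a leftover entry cannot mask the result. `domain.com`, `192.0.2.10`, port 389 and the `Ethernet` interface name are assumed placeholders.

```powershell
# Added diagnostic sketch; $Domain and $DcIp are placeholders, not values from the post.
$Domain = 'domain.com'    # your AD DNS domain name
$DcIp   = '192.0.2.10'    # constructed example address: your domain controller

function Test-DnsAnswer {
    param([string]$Name, [string]$Type, [string]$Server)
    # -NoHostsFile / -DnsOnly: skip the hosts entry and LLMNR/NetBIOS so only real DNS is tested
    $query = @{ Name = $Name; Type = $Type; DnsOnly = $true; NoHostsFile = $true; ErrorAction = 'Stop' }
    if ($Server) { $query.Server = $Server }
    $resolved = $false
    try {
        # Count only records in the Answer section (a bare SOA in Authority is not a hit)
        $answers  = @(Resolve-DnsName @query | Where-Object { $_.Section -eq 'Answer' })
        $resolved = $answers.Count -gt 0
    } catch {
        $resolved = $false   # NXDOMAIN, timeout, or server refused the query
    }
    [pscustomobject]@{
        Resolver = if ($Server) { $Server } else { 'client default' }
        Name     = $Name
        Type     = $Type
        Resolved = $resolved
    }
}

# The names an LDAP client needs in order to chase a referral to the domain
$records = @(
    @{ Name = $Domain;                        Type = 'A'   },
    @{ Name = "_ldap._tcp.dc._msdcs.$Domain"; Type = 'SRV' }
)

# Pass 1 uses the client's configured resolver, pass 2 asks the DC directly
$results = foreach ($server in @($null, $DcIp)) {
    foreach ($r in $records) { Test-DnsAnswer -Name $r.Name -Type $r.Type -Server $server }
}
$results | Format-Table -AutoSize

# Which DNS servers the client is actually using
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# Is the DC reachable on the standard LDAP port (assumed 389)?
"LDAP port reachable on ${DcIp}: " +
    (Test-NetConnection -ComputerName $DcIp -Port 389 -InformationLevel Quiet)

# Fix suggested in the answer (run elevated; 'Ethernet' is an assumed interface name):
# Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $DcIp
```

If the "client default" rows show `Resolved = False` while the rows for the domain controller show `True`, the client's DNS server does not know the domain, which matches the diagnosis in the answer.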