Monday, January 21, 2013

How to find LDAP server details in your domain

Hello People

We all have LDAP configured in our infrastructure, but we are often not aware of which servers it runs on or what the port number is. (The default is port 389; avoid changing this port number, as it will break connections.)


Step One :- Check the list of Domain Controllers in your Domain

Command is :-  nltest /dclist:Domain Name

Here, after the colon (:), specify your domain name without a space. It will list all the DCs under your domain.

E.g.   Abc.Xyz.com       [DS] Site: Thornton

Here Abc.Xyz.com - Complete FQDN of server: [DS = Directory Services]; Site - Name of Site


Step Two :- How to check the LDAP server, its priority and its port in your domain


  • Open Command Prompt - Start - CMD - Right click and choose Run as Administrator
  • Enter the Administrator password and you'll get the Command Prompt
  • Type - nslookup & Press Enter
  • You'll be at nslookup prompt, Like this :- >
  • At nslookup prompt type - set type=all
  • You'll be back on nslookup prompt again, then execute below command to find LDAP server & its priority & port number
  •  _ldap._tcp.dc._msdcs.Abc.Xyz.com

Here, Abc.Xyz.com is your domain name. It is very important to type the signs such as _ and . exactly as shown; with any mistake the query will not return a result.

The result will look like the below:

_ldap._tcp.dc._msdcs.Abc.Xyz.com  SRV service location:


priority = 0

weight = 100

port = 389

svr hostname = mickey.Abc.Xyz.com - This is your complete FQDN of your LDAP server   

mickey.Abc.Xyz.com  internet address = 00.00.00.00   - This is your LDAP Internet Address
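
The result above, parsed into one row per LDAP server and sorted by priority, as an added example that is not part of the original post. The function name ConvertFrom-NslookupSrv, the second server, the 192.0.2.x addresses and port 10389 are constructed for illustration.

```powershell
# Added example, not from the original post: turns nslookup SRV output into rows.
function ConvertFrom-NslookupSrv {
    param([string[]]$Line)   # not Mandatory: nslookup output contains blank lines
    $records = @(); $address = @{}; $current = $null
    foreach ($text in $Line) {
        if ($text -match 'SRV service location:') {
            $current = @{}                 # a new SRV answer starts here
            $records += $current
        }
        elseif ($null -ne $current -and $text -match '^\s*(priority|weight|port)\s*=\s*(\d+)') {
            $current[$Matches[1].ToLower()] = [int]$Matches[2]
        }
        elseif ($null -ne $current -and $text -match '^\s*svr hostname\s*=\s*(\S+)') {
            $current['server'] = $Matches[1].TrimEnd('.')
        }
        elseif ($text -match '^\s*(\S+)\s+internet address\s*=\s*(\S+)') {
            $address[$Matches[1].TrimEnd('.')] = $Matches[2]
        }
    }
    $records | ForEach-Object {
        $server = $_['server']
        [pscustomobject]@{
            Server         = $server
            Address        = if ($server) { $address[$server] }
            Priority       = $_['priority']
            Weight         = $_['weight']
            Port           = $_['port']
            NonDefaultPort = ($_['port'] -ne 389)   # the post gives 389 as the default
        }
    } | Sort-Object @{ Expression = 'Priority' }, @{ Expression = 'Weight'; Descending = $true }
}

# Constructed sample: the post's result plus a second, made-up server and addresses.
$sample = @'
_ldap._tcp.dc._msdcs.Abc.Xyz.com  SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = mickey.Abc.Xyz.com
_ldap._tcp.dc._msdcs.Abc.Xyz.com  SRV service location:
          priority       = 10
          weight         = 100
          port           = 10389
          svr hostname   = donald.Abc.Xyz.com
mickey.Abc.Xyz.com  internet address = 192.0.2.10
donald.Abc.Xyz.com  internet address = 192.0.2.11
'@ -split '\r?\n'
ConvertFrom-NslookupSrv -Line $sample | Format-Table -AutoSize
```

On a domain-joined machine the live output can be passed in the same way, for example with -Line (nslookup -type=SRV _ldap._tcp.dc._msdcs.Abc.Xyz.com).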



Feel free to raise any queries  
Happy to help you  
I Thank You for your time



15 comments:

  1. Replies
    1. Hi Sobia,

      You can find domain name by right click on My computer - Computer name
      Also can use command line tool - nslookup, this will help you to find the DC and DNS server both

  2. Hi Sobia,

    How can I find the base LDAP distinguished name for LDAP?

    Thank you.

  3. How to open the LDAP port on a non-domain Windows 2008 server?

  4. Nice Post with information regarding great use! The ways you have illustrated the information is impressive. Thanks!
    24x7 Technical Support Service

    Replies
    1. Nevermind, msdcs is literal, yes, great post for an otherwise confusing subject, ldap...thanks

  5. DNS request timed out, is what I get

  6. I got the following

    *** Can't find address for server SRV: Non-existent domain
    >

  7. At nslookup prompt type - set type=all

    pc didn't take this command, please suggest.

    Replies
    1. it is taking now, actually the syntax I put got wrong.

      Thanks for this post
