Skip to content

Windows Server 2008 – How to use LDP To locate Computers on a Global Catalogue – The Visual Guide


Yesterday we used ldp on a domain controller, today we will use ldp on a global catalog to reveal all accounts within the forest.

Step 1 – Start the ldp.exe tool

Start > Run > ldp.exe



Step 2 – Connect & Configure

Connection > Connect


Enter Domain Controller name

Port 3268

(Port 3268 is for Global Catalogue… Port 389 is Ldap on a DC)

bind to gc

Clear Connectionless check box if it’s selected > OK


Step 3 – Bind to Locally logged in account

LDP will display lots of information, without a password.

gc bind

Notice that the ldap service is “” – we’ll use this later.


Step 4 – Browse > Search (to get a search box)

This time we will filter for all computers within a forest.  Enter the following filter into the search box

Base DN: DC=Teaching,DC-ac,DC=uk



ldap filter for computer

Results of this computer filter would be:

ldp filter computer results

What does this tell us?

The first result has a Common Name of DC01,  and is the Domain Controller.

The DNS =

We get a lot of information on the DC.


Forest Wide DC’s

Next we see all the other DC’s in the Forest being revealed:

gc other DC


Other types of workstations used at the organisation will be revealed:

gc macMAC can be guessed as MAC, and PC can be guessed as Windows.

And not to be left out, here we see a Unix machine….

gc unix

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: