Windows Server 2008 – How to use LDP To locate Computers on a Global Catalogue – The Visual Guide
Yesterday we used ldp on a domain controller, today we will use ldp on a global catalog to reveal all accounts within the forest.
Step 1 – Start the ldp.exe tool
Start > Run > ldp.exe
Step 2 – Connect & Configure
Connection > Connect
Enter Domain Controller name
(Port 3268 is for Global Catalogue… Port 389 is Ldap on a DC)
Clear Connectionless check box if it’s selected > OK
Step 3 – Bind to Locally logged in account
LDP will display lots of information, without a password.
Notice that the ldap service is “Teaching.ac.uk” – we’ll use this later.
Step 4 – Browse > Search (to get a search box)
This time we will filter for all computers within a forest. Enter the following filter into the search box
Base DN: DC=Teaching,DC-ac,DC=uk
Results of this computer filter would be:
What does this tell us?
The first result has a Common Name of DC01, and is the Domain Controller.
The DNS = DC01.teaching.ac.uk
We get a lot of information on the DC.
Forest Wide DC’s
Next we see all the other DC’s in the Forest being revealed:
Other types of workstations used at the organisation will be revealed:
And not to be left out, here we see a Unix machine….