What Is Active Directory Lightweight Directory Services?
Microsoft Active Directory Lightweight Directory Services (AD LDS) is an independent mode of Active Directory that provides dedicated directory services for applications.AD LDS is a mode of Active Directory that provides directory services for applications.
AD LDS provides dedicated directory services for applications. It provides a data store and services for accessing the data store. It uses standard application programming interfaces (APIs) for accessing the application data. The APIs include those of Active Directory, Active Directory Service Interfaces, Lightweight Data Access Protocol, and System.DirectoryServices.AD LDS operates independently of Active Directory and independently of Active Directory domains or forests. It operates either as a standalone data store, or it operates with replication. Its independence enables local control and autonomy of directory services for specific applications. It also facilitates independent, flexible schemas, and naming contexts.
AD LDS does not have the infrastructure capabilities of Active Directory.
AD LDS does not include directory services for the Windows operating system, so it concentrates on the requirements of specific applications. If AD LDS operates in an Active Directory environment, it can use Active Directory for authentication. Because AD LDS does not support the Messaging Application Programming Interface, Microsoft Exchange cannot use AD LDS.AD LDS usage complements that of Active Directory.
Although AD LDS and Active Directory can operate concurrently within the same network, AD LDS serves the requirements of specific applications. An instance of AD LDS can be created for a specific application without concern for the dependencies required by Active Directory. AD LDS can be installed without affecting Active Directory. Multiple instances of AD LDS, each supporting a separate application, can run on a single AD LDS installation.How to install AD LDS on Windows Server 2016
AD LDS is relatively simple process to install on Windows server.
Step 1. Add AD LDS role on Windows server
Step 2. Create New AD LDS Instance
In AD LDS, a "service instance" (or, simply, "instance") refers to a single running copy of the AD LDS directory service. Multiple instances of AD LDS can run simultaneously on the same computer. Each instance of the AD LDS directory service has a separate directory data store, a unique service name, and a unique service description that is assigned during installation. During AD LDS installation, you have the option of creating an application directory partition if your Lightweight Directory Access Protocol (LDAP) application does not create one for you.
Run the Active Directory Lightweight Directory Services Setup Wizard.
Step 3. Verifying the connection to AD LDS
3-1. Using Veryfy with LDP
Ldp.exe is a graphical user interface (GUI) tool for general administration of a Lightweight Directory Access Protocol (LDAP) directory service. To use Ldp.exe to administer an Active Directory Lightweight Directory Services (AD LDS) instance, you must connect and bind to the instance and then display the hierarchy (tree) of a distinguished name of the instance. You can then browse to an object in the tree and right-click the object to administer it.
3-2. Using ADSI Edit LDAP Administrator tool
ADSI Edit is a Microsoft Management Console (MMC) snap-in for general administration of AD LDS. It is installed as part of the AD LDS and Active Directory Domain Services (AD DS) server roles. To use ADSI Edit to administer an AD LDS instance, you must first connect and bind to the instance. You can administer containers and objects in the instance by browsing to the containers or objects and then right-clicking them.
1. select ADSI Edit on Tools menu on top.
Done.
Reference
https://msdn.microsoft.com/en-us/library/aa772140(v=vs.85).aspx
https://technet.microsoft.com/en-us/library/cc770639(v=ws.10).aspx
Comments
Post a Comment