Active Directory Users and ComputersActive Directory is an implementation of LDAP directory services by Microsoft for use primarily in Windows environments. Microsoft provides a set of graphical tools to manage Active Directory so we don’t have to deal with LDAP concepts like distinguished names, attributes, schemas, etc. The provided tools are good, but there are certain instances in which we need to deal with LDAP directly to be able to perform tasks the tools does not provide.
Outlook 2003 Address BookFor example, we would like to use Active Directory as an LDAP source for our Outlook 2003 Address Book. To be able to achieve this, we need to assign email addresses to our user and groups using the Active Directory Users and Computers console. But if we try to use our Outlook Address Book, only the user accounts appear. To be able to show the groups, we need to set the LDAP attribute displayName which is required by the address book. The console automatically updates this attribute for users but not groups and there is no way to update it using the console. To be able to modify LDAP attributes, we can use ADSI Edit included in the Windows Server 2003 Support Tools.

NoteThe Windows Support Tools are not automatically installed when you install Windows Server 2003. To install the Windows Support Tools on a computer that is running Windows Server 2003, run the Suptools.msi program found in the Support\Tools folder of the Windows Server 2003 CD.

How to use ADSI Edit

ADSI Edit1. Click Start then click Run and type in adsiedit.msc. This will launch the ADSI Edit application.
ADSI Edit2. From the ADSI Edit window, find the entry you wish to modify.
ADSI Edit3. Right click the entry you wish to modify and click Properties. You should now be able to see all the attributes of the selected entry.
ADSI Edit4. To change the value of an attribute, click Edit, fill in the new value and click Ok when you’re done.

Visit the forum to ask for help or to give a comment.

Posted on 3/4/2008 and last updated on 12/7/2009
Filed under Active Directory , LDAP