Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
LDAP publishing
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
LDAP publishing - 19.Sep.2006 1:23:02 PM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Hi,
I am running ISA 2006 in a multi-homed config.
We are running an external Anti-Spam and AV service that needs to interrogate our AD to verify recipients, how do I go about publishing LDAP access to one of my external ips so that the software can read my AD on my DC?
Look forward to any assistance.
Regards
Lionel
|
|
|
|
|
RE: LDAP publishing - 19.Sep.2006 1:29:50 PM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Sorry I posted this in the wrong place, can someone please move this to ISA 2006 >> Server Publishing, I dont seem to have the right to delete my own post.
Regards
Lionel
|
|
|
|
|
RE: LDAP publishing - 19.Sep.2006 2:02:42 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
Hi,
try using server publishing rules or a normal access rule.
Alans
|
|
|
|
|
RE: LDAP publishing - 20.Sep.2006 3:02:17 PM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Hi,
LDAP is precluded from all server publishing rules in ISA 2006, it is not an option to publish and access rules dont work because there is no place to tell ISA where to forward the requests too, the LDAP queries hit the firewall on the external IP and then an abortive_shutdown occurs as ISA doesnt forward the requests on. It was possible in ISA 2000 to publish port 389 but not anymore in ISA 2004 and 2006.
|
|
|
|
|
RE: LDAP publishing - 20.Sep.2006 5:56:07 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
Hi,
you don't need it to be an option in the publishing wizard as you can make your own definition.
I think you need to get toms book.
ISA 2004 and ISA 2006 are real firewalls and port forwarding is a standard for all firewalls. If it is not in the wizard it doesn't mean it is not possible.
Regards,
Alan
|
|
|
|
|
RE: LDAP publishing - 21.Sep.2006 7:30:42 AM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Hi Alan,
I tried that route and made my own definition and used port 389 and it still wouldnt show up in the publishing options, port 389 is precluded. I researched this one extensively before comng onto this forum.
Cheers
Lionel
|
|
|
|
|
RE: LDAP publishing - 21.Sep.2006 7:38:40 AM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Ok what I have done is chosen to publish a DNS server and changed the ports to 389 and will see if it works now, you dont ever get the option to publish port 389 even if you make a user defined protocol.
Cheers
Lionel
|
|
|
|
|
RE: LDAP publishing - 21.Sep.2006 9:35:59 AM
|
|
|
fiftybuck$
Posts: 11
Joined: 13.Apr.2006
Status: offline
|
Feel a bit like a schmuck but this was the process:
I understand why LDAP doesnt show up in the wizard by default, it is an outbound protocol by default so "cannot" be published. I created a custom protocol called AD and set it to inbound and then I could publish it, sorry for all the trouble.
Thanks
Lionel
|
|
|
|
|
RE: LDAP publishing - 21.Sep.2006 5:50:13 PM
|
|
|
alans
Posts: 67
Joined: 8.Mar.2006
Status: offline
|
No problem
I thought you might have not changed the port directiion.
It would have been my next suggestion.
Regards,
Alan
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
