Active Directory Light Weight Directory Services
Windows 2008

When would to need an AD LDS?

  • When you need active directory but don't want to mess up your entire schema

This is usefull for let's say an application that needs active directory but hasn't been fully tested and will modify the schema.

You can install this on any windows 2008 server including server core. You will need to type that in the command line like this:

start /w ocsetup DirectoryServices-ADAM-ServerCore

ADAM stands for Active Directory Application Mode
  • To administer Active Directory Lightweight Directory Services you would open up active directory LDS and choose first unique, then when you setup another LDS you would choose replica of an existing instance.
  • Then you would choose a name for it like an applicationname let's say exchangeTestLDS
  • Then you would choose the ports that it will listen to. Change these standard ports to around 50000. Because it uses the default portnumbers that could mess up the normal replication.
  • When the application will create a directory partition you would choose No, do not use an application partition otherwise you would make it, you would need to make a partition like:
cn=spundaelabLDS,dc=spundaelab,dc=com
  • Then choose an account
  • Then checkmark all of the imported LDIF instances (to make it all work correctly)
  • Then when you want to connect to it with ADSI you would fill in the following
  • 1) Name (anything you want)
  • 2) Connection point check the Distinguished name and type in the distinguished name
  • 3) Computer type in the computer that has the LDS and specify the portnumber like:
  • SpundaelabDCLDS01:50001

How to backup or move the LDS database would be to use NTDSUTIL

  • First stop the instance spundaelabLDS
net stop spundaelabLDS

Then use NTDSUTIL
ntdsutil
activate instance spundaelabLDS
files
move db to d:\ldsdata
move logs to d:\ldslogs
exit
net start spundaelabLDS

Or you could use the better tool for LDS dsdbutil. This way you don't need to stop spundaelabLDS first and you can make a backup of the data that then can be shipped to the other branch office.
dsdbutil
activate instance spundaelabLDS
ifm
create full d:\backup

You can then ship it or do an authoritative restore:
net stop spundaelabLDS
authoritative restore
restore object cn=spundaelabLDS,dc=spundaelab,dc=com

If you have multiple instances of LDS running on a machine you could type
list instances

This will show the port numbers and file locations

Quick note: when you want to remove the LDS you first have to remove the instance spundaelabLDS from the controlpanel and then programs and Features. There you will find the instance spundaelabLDS.
Windows 2008

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License