AD user limited to read ldap only

madistan · #1 08-01-2009

I have a non-windows devices which needs to read AD LDAP. The device uses a AD username and password to access the LDAP info. Call me paranoid but if someone should happen to access the device and extract the user/password I would like to at least prevent the user from logging on to the network. Is is possible to create a user account that can only read ldap, and not have any other permissions?

Thanks for any help.

TWG Tech · #2 29-01-2009

Add your user to these Rights...

SeDenyBatchLogonRight
SeDenyInteractiveLogonRight
SeDenyRemoteInteractiveLogonRight
SeDenyServiceLogonRight

Do not remove the SeDenyNetworkLogonRight. This allows a user to authenticate over the network.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Similar Threads for: "AD user limited to read ldap only"
Thread	Thread Starter	Forum	Replies	Last Post
Query LDAP to get user Telephone	Omar Rodríguez	Active Directory	1	10-06-2009 07:00 PM
Standard user account not limited	gaucho91	Vista Administration	1	20-12-2008 02:45 AM
LDAP user authentication error with VBScript from ASP	mirin	Active Directory	2	02-09-2007 12:13 PM
LDAP - Help please, user creation and settings	Kane T	Server Scripting	3	26-10-2006 01:41 AM
User permissions to read LDAP	Galvanon	Windows 2000 Active Directory	8	14-05-2006 07:13 PM

AD user limited to read ldap only

Windows Security