LDP Notes

The schema defines objects as well as the attributes and permissible values for each. Schema classes that contain attribute information about objects can be viewed. Search the cn=Schema,cn=Configuration,dc=ForestRootDomain for classSchema objects to view this information.

There are several authentication methods available in LDP that allow a client to bind to an LDAP server. The best method depends on several factors.

Method	Description
Simple	Clear text password. Try not to use this as it is not secure.
MSN	MSN (Microsoft Network) authentication. This package may bring up UI to prompt the user for MSN credentials.
DPA	Normandy authentication, new MSN authentication. Same usage as MSN.
NTLM	NT domain authentication. Use NULL credentials and attempt to use default logged in user credentials.
Sicily	Negotiate with the server for any of: MSN, DPA, NTLM. Should be used for LDAPv2 servers only.
Negotiate	Use GSSAPI Negotiate package to negotiate security package of either Kerberos V5 or NTLM (or any other package the client and server negotiate). Pass in NULL credentials to specify default logged in user. If Negotiate package is not installed on server or client, this will fall back to Sicily negotiation.

LDP Notes

Finding Required and Optional Values for an Attribute

Understanding Bind Options for LDAP Authentication