LDAP Bind to a RODC

Posted on by Carol

Just an observation from some testing today – if you try and do an LDAP bind against a RODC you need to have the password cached, or cacheable. If the user is explicitly banned from having their password cached, the bind will fail.

We were hoping it might magically work like the userProxy object in ADLDS, but no.

I've been doing IT for 30 years, and IdM for 15. I live in Australia and build IdM solutions based on Microsoft Identity Manager. I also play the violin, but that doesn't help much with the IdM solutions.