Enterprise Software

Tech Tip: Set a search base for a successful LDAP query

Outlook 2000 and 2002 provide support for Lightweight Directory Access Protocol (LDAP) queries, which enable Outlook users to look up contacts stored in an LDAP server such as the Windows Server Active Directory. However, successfully querying an LDAP server requires a user to properly configure the server's settings and set the search base for the query.

Settings
To set the search base for an existing LDAP service in Outlook 2000, open the Mail applet in Control Panel, select Microsoft LDAP Directory, and click Properties. Enter the appropriate search base string in the Search Base field at the bottom of the General tab.

To set the search base for an existing LDAP service in Outlook 2002, open the Mail applet in Control Panel, click E-mail Accounts, select View Or Change Existing Directories Or Address Book, and click Next. Select the LDAP service, click Change, and click More Settings. Select the Search tab, and enter the appropriate search base string.

Search base
The search base defines the starting point for the search in the directory tree. For example, a user might need to query the entire directory, in which case the search base must specify the root of the directory service. Or, a user might need to query a specific organizational unit (OU) in the directory.

In this case, you might configure multiple LDAP service accounts in a user's profile to enable him or her to look up contacts for the Support, Sales, and Marketing groups separately. Each of these queries would need to have the search base point to the appropriate location in the directory service.

A search base comprises multiple objects separated by commas. These objects include:

  • cn: common name
  • ou: organizational unit
  • o: organization
  • c: country
  • dc: domain

For example, to search the Support container in the TechRepublic.com domain, you would specify a search base of:

ou=Support,dc=techrepublic,dc=com

The capability to use different search base strings to configure multiple LDAP accounts in a single profile enables users to easily search more than one LDAP server. Although users could change the search base for a single LDAP service account as needed, adding multiple services with different search bases eliminates the need for users to change settings.

Editor's Picks

Free Newsletters, In your Inbox