Manage an AD LDS Instance Using ADSI Edit

Applies To: Windows Server 2008

You can use this procedure and Active Directory Service Interfaces (ADSI) Edit Microsoft Management Console (MMC) snap-in for general administration of Active Directory Lightweight Directory Services (AD LDS). ADSI Edit is installed as part of the AD LDS and Active Directory Domain Services (AD DS) server roles. To use ADSI Edit to administer an AD LDS instance, you must first connect and bind to the instance. You can administer containers and objects in the instance by browsing to the containers or objects and then right-clicking them.

Membership in Administrators, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (

To manage an AD LDS instance by using ADSI Edit

  1. Click Start, point to Administrative Tools, and then click ADSI Edit.

  2. In the console tree, click ADSI Edit.

  3. On the Action menu, click Connect to. The Connection Settings dialog box appears.

  4. In Name, you can type a label under which this connection will appear in the console tree of ADSI Edit.

  5. Under Connection point, you can click Select or type a Distinguished Name or Naming Context, and then specify the distinguished name to which you want to connect, or you can click Select a well-known naming context, and then click Configuration, RootDSE, or Schema.

  6. In Select or type a domain or server: (Server | Domain[:port], type the Domain Name System (DNS) name, NetBIOS name, or IP address of the computer on which the AD LDS instance is running, followed by a colon (:) and the Lightweight Directory Access Protocol (LDAP) communication port that the AD LDS instance to which you want to connect is using, and then click OK.

  7. In the console tree, double-click connectionname[hostname], where connectionname is the name of the connection and hostname is the name of the computer on which the directory partition is stored.

  8. In the console tree, double-click a directory partition object to view its top-level containers.

  9. In the console tree, double-click a top-level container to view the next level of objects in that container.

  10. Do one of the following:

    • Continue to double-click the next lowest container level to continue to move down a directory tree branch.

    • To view a directory object at the current directory level, in the details pane, double-click the directory object.

  11. To close ADSI Edit, on the File menu, click Exit.

Additional Considerations

  • To create additional connections to AD LDS instances, on the Action menu, click Connect to for each new connection.

  • The default communication port for LDAP is 389.

  • To connect to an AD LDS instance that is running on the local computer, type localhost as the server name.