Active Directory Lightweight Directory Services Operations Guide
Applies To: Windows Server 2008
Active Directory® Lightweight Directory Services (AD LDS) is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services (AD DS). AD LDS provides much of the same functionality as AD DS, but it does not require the deployment of domains or domain controllers. You can run multiple instances of AD LDS concurrently on a single computer, with an independently managed schema for each AD LDS instance. For more information, see Active Directory Lightweight Directory Services Overview.
The Active Directory Lightweight Directory Services Operations Guide provides administering information for AD LDS technologies in the Windows Server® 2008 operating system. This information includes detailed procedures for managing AD LDS instances, directory partitions, sites, replication and configuration sets, users, and groups.
In this guide
You may experience issues with network services that depend on the User Datagram Protocol (UDP) after you install the Domain Name System (DNS) Server service security update 953230 (MS08-037) and then restart the computer on which you are running AD LDS instances. The DNS Server service security update 953230 allows the DNS server to randomly allocate 2500 UDP ports from ephemeral port range of 49152 to 65535. For more information, see Microsoft Security Bulletin MS08-037 – Important: Vulnerabilities in DNS Could Allow Spoofing (953230) (http://go.microsoft.com/fwlink/?LinkId=148634). To mitigate any problems that the installation of this security update might cause, see AD LDS service start fails with error "setup could not start the service..." + error code 8007041d (http://go.microsoft.com/fwlink/?LinkID=145140).
If you install security update 951746 on your Windows Server 2008 R2–based and Windows Server 2008–based computers, the DNS server’s method of port allocation changes, and this change might prevent AD LDS from obtaining the port that it requires to function correctly. For more information, see article 959215 in the Microsoft Knowledge Base (http://go.microsoft.com/fwlink/?LinkId=157712).
Produced by: Microsoft Directory and Access Services (DAS) IT Pro Content Team
Writer: Gayana Bagdasaryan
Editors: Jim Becker, Fran Tooke
Technical reviewers: Omar Sinno, Matthew Rimer, Andy Siow