Using AD LDS as an external LDAP Proxy Server?


  • We have a requirement to allow a cloud service to allow LDAP authentication to our internal domain.

    My idea was to use AD LDS as a proxy server sitting in a DMZ.  However, most of the documentation that I've been able to find shows that the computer is also joined to our domain.  Can I configure the AD LDS partition to pull using a service account and then relay that to the cloud service when pulled?

    Is it possible to do this without the AD LDS server being connected to the domain? Any thoughts on other options?  Other ideas floated were using OpenLDAP and forwarding the TCP requests directly to the domain controller.

    Thanks in advance!

    Thursday, March 9, 2017 7:50 PM

All replies