Microsoft KB Archive/238007

= How to Configure the Address Book to Query Users Contained in Active Directory =

Article ID: 238007

Article Last Modified on 1/24/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Outlook Express 5.5
 * Microsoft Outlook Express 5.01 Service Pack 2
 * Microsoft Outlook Express 5.0
 * Microsoft Outlook Express 4.01
 * Microsoft Outlook Express 4.0
 * Microsoft Windows 98 Standard Edition
 * Microsoft Windows NT Workstation 4.0 Developer Edition

-



This article was previously published under Q238007



SUMMARY
The Address Book is the default search client that ships with Windows 2000 and Microsoft Internet Explorer 5. It is a high-level Lightweight Directory Access Protocol (LDAP) client, and LDAP does not support users specifying filters for a search. Instead, you can input the string for the filter and the Ambiguous Name Resolution (ANR) set is used.



Windows 2000 Considerations
When you install Windows 2000, the Address Book is configured to search a particular Active Directory server. You are not required to specify a Base Distinguished Name (BaseDN) or a server name. Setup configures the BaseDN and server name, and they are displayed as null.

To view Active Directory properties:
 * 1) Click Start, point to Programs, point to Accessories, and then click Address Book.
 * 2) On the Tools menu, click Accounts.
 * 3) When the Internet Accounts dialog box is displayed, you can add, remove, or modify an existing account by selecting the appropriate account, and then clicking Properties.

NOTE: The Server name and Account name fields are displayed as null. The Locator service caches the actual server and account name. When you log on to a workstation, the Locator service attempts to find a domain controller. The name of the domain controller detected by the Locator service is used as the server name, and the account that you use to log on serves as the account name.

Downlevel Client Considerations with the Address Book
Internet Explorer 5 is considered a downlevel client when it is installed on a computer running Microsoft Windows 98 or Microsoft Windows NT 4.0. To use the Address Book to search Active Directory, you must configure the following items:
 * Server name
 * BaseDN
 * Account name (if not validating against Active Directory)

To configure the Address Book with downlevel clients:
 * 1) Install Internet Explorer 5 (if it is not currently installed).
 * 2) Click Start, point to Programs, point to Accessories, and then click Address Book.
 * 3) On the Tools menu, click Accounts.
 * 4) To add a new account, click Add. This starts the Internet Connection wizard.
 * 5) In the Internet directory (LDAP) server box, type the name of an LDAP server (Windows 2000 domain controller). You can also type the domain name, but do not use the fully qualified domain name (FQDN) in either case.
 * 6) Click Next, click Next, and then click Finish.
 * 7) The account you just created is not displayed in the list. Click to select the account, and then click Properties.
 * 8) Click to select the This server requires me to log on check box.
 * 9) In the Account name box, type  \, where   is the name of your domain and   is the user's name. In the Password box, type the appropriate password.
 * 10) On the Advanced tab, the value displayed in the Directory service (LDAP) box is 3268 by default (the global catalog port). If you clear the Directory service (LDAP) box and click Use Default, the value changes to 389. If you use 389, you need to type data the Search Base box (it should read DC=domainname,DC=com).

NOTE: Port 3268 is recommended for most searches. Also, if you select the This server requires a secure connection (SSL) check box on the Advanced tab, the port number is changed to 636. If you are using port 636 to search, ensure that the Search base box is populated with the correct base DN (that is, DC=domainname,DC=com).
 * 1) Click OK to save the changes.

To search for a user in Active Directory:
 * 1) Click Start, point to Programs, point to Accessories, and then click Address Book.
 * 2) Click Find People.
 * 3) In the Look In box, click Active Directory (for Windows 2000 clients) or the name you chose in step 5 above.
 * 4) Type a user's name or e-mail address, and then click Find Now.
 * 5) When the user account is displayed, you can view the user's properties or add the user to the Address Book.

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

254610 System Event ID 36876 When Using LDAP SSL Query of the Active Directory

Keywords: kbenv kbhowto KB238007

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.