LDAP Paths in Active Directory

I’ve recently been involved in setting up a number of SaaS applications for my organisation which use our on-premises Active Directory to authenticate users.

Whilst most of the time constructing a LDAP Distinguished Name from an AD tool such as Active Directory Users and Computers is straightforward, it’s easy to mis-spell an OU or miss out a layer in a complex hierarchy.

The right tool for the job is ADSI Edit -“Active Directory Services Interface”. This provides the full Distinguished Name for every object- be it an Organisational Unit, User, Computer, Group, Organisational Unit etc. which can be copied from the listing.

The ADSI Edit Window

For more information about ADSI Edit- visit the Microsoft TechNet Pages.