Active Directory Lightweight Directory Services [AD LDS]

Posted on IT Expert By IT Expert No Comments on Active Directory Lightweight Directory Services [AD LDS]

Active Directory Lightweight Directory Services (AD LDS) was originally a downloadable add-on to Windows Server called Active Directory Application Mode (ADAM). In Windows Server 2008 this became an additional role included in the operating system. You may want to see the following interesting articles: What happens when WDS and DNS are installed on the same Windows Server? DNS issues with WDS, What is Lightweight Directory Access Protocol, and Guide on federating ADFS with Azure Active Directory.

AD LDS uses the same code as AD DS and thus provides some of the same functionality. As you will see, it provides a lot of the same functionality but is also flexible enough to offer additional options that are not possible using AD DS.

Active Directory Lightweight Directory Services

AD LDS Example: In this example, a user needs to access a web server. This web server has been placed on a perimeter network and separated from the internet and the internal network by a firewall.

The web server needs to be able to authenticate users. However, the company does not want to place a Domain Controller on the perimeter network for security reasons. Rather than install a Domain Controller on the perimeter network. Another option is to install AD LDS on the web server.

Since it uses the same code base as a Domain Controller. It can authenticate users the same way a Domain Controller would. The user’s database is replicated from a Domain Controller on the commercial network to the perimeter network to achieve this.

AD LDS also allows you to choose which data you want to replicate. For example, you could choose to replicate the user data but not the group data. AD LDS also supports additional data to be added.

This means additional data can be added that the web server. This can be accessed through AD LDS. This means this additional data does not need to be added to AD DS.

This solution helps keep Active Directory secure and also helps prevents extra data from being added to the database.

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

5/5 - (1 vote)
Windows Server Tags:, ,

Related Posts

More Related Articles

VPNonWindows Configure VPN on Windows Server: How to allow remote VPN Access for Domain or Local Users Windows Server
How To Update WinPE Boot Images With Windows UEFI CA Cert Update WinPE Boot Images with Windows UEFI CA Certificates [Part 2] Windows Server
Configure Data Deduplication on Windows Server Video on how to Configure Data Deduplication on Windows Server Windows Server
what is winrm Determine Windows PowerShell version and see if WinRM is running via Test-WSMan Windows Server
xyxc How to link a removable media to a Deployment Share: Replicate Deployment share to a removable device Windows Server
Windows 11 taskbar features remove 1 How to modify Windows 11 Taskbar via Intune and GPO Windows

Leave a Reply