Microsoft Active Directory Lightweight Directory Service (AD LDS) concerns

Microsoft Active Directory Lightweight Directory Service (AD LDS) concerns

This section describes concerns specific to Microsoft Active Directory Lightweight Directory Service (AD LDS). The following concerns are specific to AD LDS.
Policy Server configuration allows you to select between a standard or minimal data model for the user registry. Because AD LDS allows only a single naming attribute to be used when creating LDAP objects, AD LDS requires the minimal data model. Regardless of which data model is chosen during Policy Server configuration, Security Verify Access will always use the minimal data model when AD LDS is selected as the user registry.
Because the common name (cn) value in AD LDS must be single valued, the value specified for the cn attribute must be the same value used for the distinguished name (dn) when a user or group is created and cn is used as the naming attribute in the dn.

Parent topic: LDAP concerns