?
Solved

Secure LDAP in 2003.

Posted on 2010-11-16
8
Medium Priority
?
737 Views
Last Modified: 2013-12-04
Hi,
we are planning to enable secure LDAP for my active directory infrastructure. We have all of our DCs running on 2003 servers in 32 bit platform.
Somebody telling me that 2003 is already running on secure LDAP and i m also able to connect thru LDP.exe to my domain on port 636. does it proves that secure LDAP is there ?

Please suggest on this..
0
Comment
Question by:pdixit1977
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34148807
Yes if you connect over 636 you are using ldap over ssl

if you couldn't connect via port 636 you would get an error "can't connect or open" > not sure of the exact errror off the top of my head.

Thanks

Mike
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34148820
I should have googled first :)

http://www.expta.com/2009/11/how-to-test-ldap-over-ssl-connections.html  >> the exact error if it wasn't working is  "Cannot open connection,"

...and if you had isssues the AD team has a great blog entry   http://blogs.technet.com/b/askds/archive/2008/03/13/troubleshooting-ldap-over-ssl.aspx

Thanks
Mike
0
 

Author Comment

by:pdixit1977
ID: 34148841
BUT i m able to connect on both 389 adn 636 ports. what does that means ?
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 57

Expert Comment

by:Mike Kline
ID: 34148863
you can use either (it is not one or the other)

port 389 is the default LDAP port.
0
 

Author Comment

by:pdixit1977
ID: 34148889
but i dont want to connect over 389 (normal LDAP). how can i configure my domain controllers and apps so that they connect on Secure LDAP only ?
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 1000 total points
ID: 34149513
Not sure if that is possible, (meaning every app using LDAP/SSL).  I'll let you know if I find something though.
0
 

Author Comment

by:pdixit1977
ID: 34155068
thanks mkline71. will wait for your suggestions on this.

Anybody else can advice on this..
0
 

Author Closing Comment

by:pdixit1977
ID: 34535038
thanks
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question