jekautz
asked on
LDAPS on Windows 2003
My goal here is to get my SonicWALL TZ270 to use LDAPS with my Windows 2003 DC. Right now I cannot even verify that LDAPS is working at all.
On my Windows 2003 server, in CMD, I can "TELNET LOCALHOST 636" and it seems to make a connection to that port, but when I use LDP and connect to LOCALHOST on port 636 it says "Can't open connection.
I have been all over Google Land today and have read plenty of sites, but nothing is catching. Several sites said that all you need to do is install CA and then bam! it works. But I installed CA and it isn't working.
I read on this link LDAPS that you need certain requirements for it to work. I ran the "Certutil –VerifyStore MY" command and my printed results do not match what this article is saying. For instance, my Subject is not "CN=servername.Contoso.loc
Also I do not have the Server Authentication OID: 1.3.6.1.5.5.7.3.1 and I don't know how to get it in there.
On my Windows 2003 server, in CMD, I can "TELNET LOCALHOST 636" and it seems to make a connection to that port, but when I use LDP and connect to LOCALHOST on port 636 it says "Can't open connection.
I have been all over Google Land today and have read plenty of sites, but nothing is catching. Several sites said that all you need to do is install CA and then bam! it works. But I installed CA and it isn't working.
I read on this link LDAPS that you need certain requirements for it to work. I ran the "Certutil –VerifyStore MY" command and my printed results do not match what this article is saying. For instance, my Subject is not "CN=servername.Contoso.loc
Also I do not have the Server Authentication OID: 1.3.6.1.5.5.7.3.1 and I don't know how to get it in there.
Last Comment
ASKER
I have tried the instructions at
http://support.microsoft.c
And it doesn't work. I copied the text in Step1 and pasted into Notepad. I changed the subject to "servername.Contoso.local"
Next, I open CA and right-click on my server, all tasks, submit new request. When I pick that req file I get this error:
http://support.microsoft.c
And it doesn't work. I copied the text in Step1 and pasted into Notepad. I changed the subject to "servername.Contoso.local"
Next, I open CA and right-click on my server, all tasks, submit new request. When I pick that req file I get this error:
The request contains no certificate template information. 0x80094801 (-2146875391). Denied by policy module 0x80094801. The request does not contain a certificate template extension or the certificate template request attribute.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
My post stalled and I did not receive the resolution from any of the posts by other members.
Windows Server 2003
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).
129K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
http://support.microsoft.com/kb/321051
To enable LDAPS on windows server 2003 refer below link:
http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx
https://www.watchguard.com/help/docs/ssl/3/en-US/index_Left.html#CSHID=en-US%2Fmanage_system%2Factive_directory_auth_w-ldap-ssl.html|StartTopic=Content%2Fen-US%2Fmanage_system%2Factive_directory_auth_w-ldap-ssl.html|SkinName=WG_SSL (en-US)
http://panerarichang.blogspot.in/2012/01/how-to-enable-ldap-over-ssl.html