LDAPS on Windows 2003

My goal here is to get my SonicWALL TZ270 to use LDAPS with my Windows 2003 DC.  Right now I cannot even verify that LDAPS is working at all.

On my Windows 2003 server, in CMD, I can "TELNET LOCALHOST 636" and it seems to make a connection to that port, but when I use LDP and connect to LOCALHOST on port 636 it says "Can't open connection.

I have been all over Google Land today and have read plenty of sites, but nothing is catching.  Several sites said that all you need to do is install CA and then bam! it works.  But I installed CA and it isn't working.

I read on this link LDAPS that you need certain requirements for it to work.  I ran the "Certutil –VerifyStore MY" command and my printed results do not match what this article is saying.  For instance, my Subject is not "CN=servername.Contoso.local" it is "CN=servername, DC=Contoso, DC=Local".  I'm not sure that it matters.

Also I do not have the Server Authentication OID: and I don't know how to get it in there.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jekautzAuthor Commented:
I have tried the instructions at


And it doesn't work.  I copied the text in Step1 and pasted into Notepad.  I changed the subject to "servername.Contoso.local", (and I also tried "CN=servername, DC=Contoso, DC=Local"), saved the file as request.inf and used certreq to turn it into a req file.

Next, I open CA and right-click on my server, all tasks, submit new request. When I pick that req file I get this error:

The request contains no certificate template information. 0x80094801 (-2146875391). Denied by policy module 0x80094801. The request does not contain a certificate template extension or the certificate template request attribute.
jekautzAuthor Commented:
I solved the CA error by uninstalling my Enterprise CA and installing a Standalone Root CA.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jekautzAuthor Commented:
My post stalled and I did not receive the resolution from any of the posts by other members.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.