Transitioning from 2003 domain controllers to 2012. The previous admin installed CA on the 2003 DC (we are assuming) to enable ldap over ssl but it isn't functioning correctly. I can connect using ldp.exe over ssl when I'm local on the old 2003 server, but when testing from clients it doesn't work. The error is below:
ld = ldap_sslinit("server.domain.local", 636, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to server.domain.local.
What would be the best option to get ldap ssl working on server 2012? The new 2012 server is in place and all the roles have been transferred. The only thing we would be currently using it for would be AD integration for our firewall, but that may change in the future. Should we migrate the CA from 2003 to 2012 and try to get that working or get rid of the 2003 CA and import a certificate from a third party?