Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Secure LDAP with MS Active Directory

Posted on 2016-08-01
3
Medium Priority
?
66 Views
Last Modified: 2016-08-01
Hi,

I try to enable Secure LDAP on customer Windows Server 2012 R2. I have GlobaSign signed wildcard cert.
I followed this guide http://shabaztech.com/enabling-ldaps-certificate-3rd-party-ca/ for the configuration. I can see the signed cert under personal folder and its private key.

when I use LDP.exe for testing, It returned with error Cannot Open Connection. I have check the certificate OID and is compatible.
what else I can check?

much appreciate any helps..

thanks
0
Comment
Question by:hell_angel
  • 2
3 Comments
 

Author Comment

by:hell_angel
ID: 41737255
Additional info.

my wildcard cert is root domain cert, and my server is child domain.
does this setup supported?
0
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 2000 total points
ID: 41737454
> my wildcard cert is root domain cert, and my server is child domain.
> does this setup supported?


That could be your problem if everything else was done correctly.  From my past experience with wildcards, the answer is 'no', the wildcard matches a single level of the hierarchy.  If, for example, you had a certificate for '*.domainname.com', it would match for 'DC.domainname.com'... but your child domain domain controller would be 'DC.child.domainname.com'.
0
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 41737469
If you have OpenSSL, one helpful tool in there is the ssl client, which can confirm certificates, etc... in the form:
OpenSSL s_client -connect [host_fqdn]:[port]
where the port for LDAPS should be 636 by default.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 10 Creator Update has just been released and I have it working very well on my laptop. Read below for issues, fixes and ideas.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question