?
Solved

Secure LDAP with MS Active Directory

Posted on 2016-08-01
3
Medium Priority
?
54 Views
Last Modified: 2016-08-01
Hi,

I try to enable Secure LDAP on customer Windows Server 2012 R2. I have GlobaSign signed wildcard cert.
I followed this guide http://shabaztech.com/enabling-ldaps-certificate-3rd-party-ca/ for the configuration. I can see the signed cert under personal folder and its private key.

when I use LDP.exe for testing, It returned with error Cannot Open Connection. I have check the certificate OID and is compatible.
what else I can check?

much appreciate any helps..

thanks
0
Comment
Question by:hell_angel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:hell_angel
ID: 41737255
Additional info.

my wildcard cert is root domain cert, and my server is child domain.
does this setup supported?
0
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 2000 total points
ID: 41737454
> my wildcard cert is root domain cert, and my server is child domain.
> does this setup supported?


That could be your problem if everything else was done correctly.  From my past experience with wildcards, the answer is 'no', the wildcard matches a single level of the hierarchy.  If, for example, you had a certificate for '*.domainname.com', it would match for 'DC.domainname.com'... but your child domain domain controller would be 'DC.child.domainname.com'.
0
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 41737469
If you have OpenSSL, one helpful tool in there is the ssl client, which can confirm certificates, etc... in the form:
OpenSSL s_client -connect [host_fqdn]:[port]
where the port for LDAPS should be 636 by default.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question