Windows Server 2008 R2 Domain Controller has been setup previously as a CA root for the domain. Initially the install was configured as Standalone. I have performed the process of backup CA keys, config, uninstall, reboot, reinstall CA as Enterprise, then restore CA keys, config. As I understand it, LDAPS should be enabled by default for an Enterprise root CA. The reinstall did not enable LDAPS, as far as I can tell. Running ldp.exe to connect to port 636 does not allow connection.
I have been thinking on just creating a subordinate CA on another server, though unsure about this being the solution due to issue at root CA.