I was trying to set up LDAPs on Windows Server and followed the steps below:
https://blogs.msdn.microsoft.com/microsoftrservertigerteam/2017/04/10/step-by-step-guide-to-setup-ldaps-on-windows-server/
Everything seemed to work fine, except the server was already using ports 389 and 636, so I had to choose different ports that it chose for LDAP and LDAPs. When I tried to test it using ldaps, I couldn't connect to it. Below are some errors:
ld = ldap_sslinit("10.1.1.1", 51879, 1);
Error 0 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to 10.1.1.1.
ld = ldap_sslinit("srv-test002", 51879, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to srv-test002.
ld = ldap_sslinit("srv-test002.ctest.corp", 51879, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to srv-test002.ctest.corp.
ld = ldap_sslinit("ctestldaps", 51879, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to ctestldaps.
ld = ldap_open("ctestldaps", 51878);
Error <0x51>: Fail to connect to ctestldaps.
ld = ldap_open("10.1.1.1", 51878);
Established connection to 10.1.1.1.
Retrieving base DSA information...
Getting 1 entries:
Dn: (RootDSE)
configurationNamingContext: CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430};
currentTime: 8/16/2018 5:42:51 PM Pacific Daylight Time;
dnsHostName: srv-test002.ctest.corp;
domainControllerFunctionality: 6 = ( WIN2012R2 );
dsServiceName: CN=NTDS Settings,CN=srv-test002$ctestdaps,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430};
forestFunctionality: 2 = ( WIN2003 );
highestCommittedUSN: 14074;
isSynchronized: TRUE;
namingContexts (3): CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430}; CN=Schema,CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430}; CN=srv-test002,DC=ctest,DC=corp;
schemaNamingContext: CN=Schema,CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430};
serverName: CN=srv-test002$ctestdaps,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430};
subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,CN={0B174EFA-94DB-473D-A005-BD60D0433430};
supportedCapabilities (7): 1.2.840.113556.1.4.1851 = ( ACTIVE_DIRECTORY_ADAM ); 1.2.840.113556.1.4.1670 = ( ACTIVE_DIRECTORY_V51 ); 1.2.840.113556.1.4.1791 = ( ACTIVE_DIRECTORY_LDAP_INTEG ); 1.2.840.113556.1.4.1935 = ( ACTIVE_DIRECTORY_V61 ); 1.2.840.113556.1.4.2080 = ( ACTIVE_DIRECTORY_V61_R2 ); 1.2.840.113556.1.4.2237 = ( ACTIVE_DIRECTORY_W8 ); 1.2.840.113556.1.4.1880 = ( ACTIVE_DIRECTORY_ADAM_DIGEST );
supportedControl (37): 1.2.840.113556.1.4.319 = ( PAGED_RESULT ); 1.2.840.113556.1.4.801 = ( SD_FLAGS ); 1.2.840.113556.1.4.473 = ( SORT ); 1.2.840.113556.1.4.528 = ( NOTIFICATION ); 1.2.840.113556.1.4.417 = ( SHOW_DELETED ); 1.2.840.113556.1.4.619 = ( LAZY_COMMIT ); 1.2.840.113556.1.4.841 = ( DIRSYNC ); 1.2.840.113556.1.4.529 = ( EXTENDED_DN ); 1.2.840.113556.1.4.805 = ( TREE_DELETE ); 1.2.840.113556.1.4.521 = ( CROSSDOM_MOVE_TARGET ); 1.2.840.113556.1.4.970 = ( GET_STATS ); 1.2.840.113556.1.4.1338 = ( VERIFY_NAME ); 1.2.840.113556.1.4.474 = ( RESP_SORT ); 1.2.840.113556.1.4.1339 = ( DOMAIN_SCOPE ); 1.2.840.113556.1.4.1340 = ( SEARCH_OPTIONS ); 1.2.840.113556.1.4.1413 = ( PERMISSIVE_MODIFY ); 2.16.840.1.113730.3.4.9 = ( VLVREQUEST ); 2.16.840.1.113730.3.4.10 = ( VLVRESPONSE ); 1.2.840.113556.1.4.1504 = ( ASQ ); 1.2.840.113556.1.4.1852 = ( QUOTA_CONTROL ); 1.2.840.113556.1.4.802 = ( RANGE_OPTION ); 1.2.840.113556.1.4.1907 = ( SHUTDOWN_NOTIFY ); 1.2.840.113556.1.4.1948 = ( RANGE_RETRIEVAL_NOERR ); 1.2.840.113556.1.4.1974 = ( FORCE_UPDATE ); 1.2.840.113556.1.4.1341 = ( RODC_DCPROMO ); 1.2.840.113556.1.4.2026 = ( DN_INPUT ); 1.2.840.113556.1.4.2064 = ( SHOW_RECYCLED ); 1.2.840.113556.1.4.2065 = ( SHOW_DEACTIVATED_LINK ); 1.2.840.113556.1.4.2066 = ( POLICY_HINTS_DEPRECATED ); 1.2.840.113556.1.4.2090 = ( DIRSYNC_EX ); 1.2.840.113556.1.4.2205 = ( UPDATE_STATS ); 1.2.840.113556.1.4.2204 = ( TREE_DELETE_EX ); 1.2.840.113556.1.4.2206 = ( SEARCH_HINTS ); 1.2.840.113556.1.4.2211 = ( EXPECTED_ENTRY_COUNT ); 1.2.840.113556.1.4.2239 = ( POLICY_HINTS ); 1.2.840.113556.1.4.2255; 1.2.840.113556.1.4.2256;
supportedLDAPPolicies (19): MaxPoolThreads; MaxPercentDirSyncRequests; MaxDatagramRecv; MaxReceiveBuffer; InitRecvTimeout; MaxConnections; MaxConnIdleTime; MaxPageSize; MaxBatchReturnMessages; MaxQueryDuration; MaxTempTableSize; MaxResultSetSize; MinResultSets; MaxResultSetsPerConn; MaxNotificationPerConn; MaxValRange; MaxValRangeTransitive; ThreadMemoryLimit; SystemMemoryLimitPercent;
supportedLDAPVersion (2): 3; 2;
supportedSASLMechanisms (4): GSSAPI; GSS-SPNEGO; EXTERNAL; DIGEST-MD5;
-----------
0x0 = ldap_unbind(ld);
ld = ldap_sslinit("10.1.1.1", 51879, 1);
Error 0 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to 10.1.1.1.
ld = ldap_sslinit("10.1.1.1", 636, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>
Error <0x51>: Fail to connect to 10.1.1.1.
Does anyone know what the issue might be?
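
Error 81 (0x51) is LDAP_SERVER_DOWN, which does not say which layer of the connection failed. The Python below is an added example, not part of the original post: it probes a host and port in three stages (TCP connect, TLS handshake without verification, TLS handshake with Python's default trust store and name check) and reports the first stage that fails. The function name `probe_ldaps` is hypothetical; the hosts and port 51879 are the ones from the transcript above.

```python
import socket
import ssl


def probe_ldaps(host, port, timeout=3.0):
    """Return (stage, detail); stage is 'tcp', 'tls', 'cert' or 'ok'."""
    # Stage 1: is anything listening on the port at all?
    try:
        socket.create_connection((host, port), timeout=timeout).close()
    except OSError as exc:
        return "tcp", str(exc)

    # Stage 2: does the listener complete a TLS handshake? Verification is
    # disabled here only to separate "no TLS on this port / no server
    # certificate" from "certificate not trusted by the client".
    lax = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    lax.check_hostname = False
    lax.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with lax.wrap_socket(raw, server_hostname=host):
                pass
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        return "tls", str(exc)

    # Stage 3: repeat the handshake with chain and host name validation on,
    # using the trust store Python loads by default on this machine.
    strict = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with strict.wrap_socket(raw, server_hostname=host) as tls:
                return "ok", tls.version()
    except ssl.SSLCertVerificationError as exc:
        return "cert", exc.verify_message
    except OSError as exc:
        return "tls", str(exc)


if __name__ == "__main__":
    # Hosts and LDAPS port as used in the ldp.exe transcript above.
    for name in ("10.1.1.1", "srv-test002", "srv-test002.ctest.corp"):
        print(name, probe_ldaps(name, 51879))
```

A `tcp` result points at the listener or a firewall, `tls` at the service not offering TLS on that port, and `cert` at trust or name mismatch between the certificate and the name used to connect.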