I have a test domain with one domain controller. On it I have imported the root and issuing CA certificates to the appropriate certificate stores for the entire computer and have done that for every computer on the domain as well. I then imported a certificate into the NTDS Personal Certificate Store that was issued by the Issuing CA (certificate imported by double-clicking a .pfx file and following the prompts). The issued certificate has Server Authentication, a CN and SAN that match the fully qualified domain name of the domain controller, and is not expired or revoked. After setting this up I restarted the domain controller. When I try to connect via ldp.exe (using the FQDN) from another computer on the domain I am unable to connect. All ports are open, so there is no firewall issue. What else can it be?
Active Directory LDAPS – Troubleshooting Connection Issues
Tags: active-directory, ldap, ssl
Best Answer
Troubleshooting:
Telnet to it and see if you get an empty screen with a blinking cursor.
Use the Ldp.exe tool on the domain controller to try to connect to the server by using port 636. If you cannot connect to the server by using port 636, what are the errors that Ldp.exe generates?
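A PowerShell script that walks through the same checks from a domain member, added here as an example and not part of the original answer: it tests whether anything listens on 636 (the telnet step), then performs a TLS handshake and prints the certificate the DC actually presents along with chain and name details, which is what ldp.exe hides behind its generic failure. The FQDN is a placeholder, and the final certutil line is meant to be run on the DC itself.

```powershell
# Added example; $dc is a placeholder, replace with your DC's FQDN.
$dc   = 'dc01.example.test'
$port = 636

# 1. Is LSASS listening on 636 at all? Same check as telnet + blank screen.
$tcp = Test-NetConnection -ComputerName $dc -Port $port
if (-not $tcp.TcpTestSucceeded) {
    Write-Warning "Nothing listens on ${dc}:$port. LSASS found no usable certificate (no private key, wrong EKU, untrusted chain) or the name does not resolve to the DC."
    return
}

# 2. Perform a TLS handshake. The callback accepts any certificate so the
#    handshake completes and we can inspect what the DC presented; trust
#    and name checks are then done explicitly below.
$client = New-Object System.Net.Sockets.TcpClient($dc, $port)
$acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
$ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
try {
    $ssl.AuthenticateAsClient($dc)
    $remote = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    "Handshake OK ($($ssl.SslProtocol)). Subject: $($remote.Subject)"
    "Issuer  : $($remote.Issuer)"
    "Validity: $($remote.NotBefore) to $($remote.NotAfter)"

    # Subject Alternative Name (OID 2.5.29.17) must contain the FQDN used to connect.
    $san = $remote.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $sanText = if ($san) { $san.Format($false) } else { '<none>' }
    "SAN     : $sanText"
    if ($sanText -notmatch [regex]::Escape($dc)) { Write-Warning "SAN does not contain $dc" }

    # Server Authentication EKU (OID 1.3.6.1.5.5.7.3.1) is required for LDAPS.
    $eku = $remote.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
    $ekuText = if ($eku) { $eku.Format($false) } else { '<none>' }
    "EKU     : $ekuText"
    if ($ekuText -notmatch '1\.3\.6\.1\.5\.5\.7\.3\.1') { Write-Warning 'Server Authentication EKU missing' }

    # Build the chain with this client's machine trust; mirrors what ldp.exe would require.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    if (-not $chain.Build($remote)) {
        $chain.ChainStatus | ForEach-Object { Write-Warning "Chain: $($_.Status) - $($_.StatusInformation.Trim())" }
    } else { 'Chain   : trusted on this client' }
}
catch { Write-Warning "TLS handshake failed: $($_.Exception.Message)" }
finally { $ssl.Dispose(); $client.Dispose() }

# 3. On the DC itself: list the NTDS service store and confirm the imported
#    certificate shows a private key; a .pfx imported without it is ignored by LSASS.
#    certutil -service -store NTDS\My
```

If step 1 fails while the certificate looks correct, the DC's System event log around the restart is the next place to look, since LSASS logs why it rejected the certificate.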