Exchange Server and Active Directory Utilize the Same LDAP Ports

Article translations Article translations
Article ID: 240078 - View products that this article applies to.
This article was previously published under Q240078
Notice
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy.
Expand all | Collapse all

SYMPTOMS

Windows 2000-based domain controllers utilize Lightweight Directory Access Protocol (LDAP) port 389 for communication to the Active Directory. This port is utilized for client queries and administrative tasks. A Windows 2000-based domain controller that is running Microsoft Exchange Server will need some modifications. Exchange Server also uses LDAP and port 389 for the LDAP communication to the Exchange server. This will cause mis-communication between what data is directed to the Active Directory and what data is directed to the Exchange Directory store.

The Active Directory and Exchange Server also listen on port 636 for LDAP Security Sockets Layer (SSL) traffic. LDAP SSL is used for secure data transmissions and will also cause mis-communication between what data is directed to the Active Directory and what data is directed to the Exchange Directory store.

CAUSE

LDAP is an industry-wide specification in accordance with Request For Comment (RFC) 2251. The LDAP "Well-known" ports have been established as 389 for LDAP and 636 for LDAP SSL. Exchange utilized this RFC as the basis for the Exchange server's LDAP ports and Windows 2000 Active Directory is also RFC 2251 compliant with the same LDAP ports.

RESOLUTION

The Exchange LDAP port can be modified to listen to another port and leave ports 389 and 636 available for the Active Directory. Exchange Server has Administrator Tools that make this possible to establish another port as the Exchange LDAP port. This process is explained in the following article in the Microsoft Knowledge Base:
224447 How To Change LDAP Port Assignments in Exchange Server

STATUS

This behavior is by design.

MORE INFORMATION

The following ports that are related to the Global Catalog are utilized by Active Directory. Exchange does not have a corresponding service.

LDAP port for Global Catalog: 3268
LDAP port for Global Catalog with SSL: 3269

Properties

Article ID: 240078 - Last Review: March 1, 2007 - Revision: 3.4
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
Keywords: 
kbprb KB240078

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com