How To Enable Secure Socket Layer (SSL) Communication over LDAP for Windows 2000 Domain Controllers

Article ID: 247078 - View products that this article applies to.
This article was previously published under Q247078
Notice
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)
is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
(http://support.microsoft.com/lifecycle/)
.
Notice
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)
is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
(http://support.microsoft.com/lifecycle/)
.
Expand all | Collapse all

On This Page

SUMMARY

During the configuration of security settings for the Active Directory in Windows 2000, administrators may want to implement additional security measures for accessing the Active Directory. Windows 2000 provides Secure Sockets Layer (SSL) security over Lightweight Directory Access Protocol (LDAP). After you install the certificate, the Domain Controllers can communicate over both ports 389 or 636(SSL).

Enabling SSL

Install an Enterprise Certificate Authority on a Windows 2000 server. All Domain Controllers in the forest will automatically enroll for and install the appropriate certificate.

When you install an Enterprise Certificate Authority, all Domain Controllers automatically request a certificate and can support LDAP using SSL port 636.

Back to the top | Give Feedback

REFERENCES

For additional information about how to configure clients, click the following article number to view the article in the Microsoft Knowledge Base:
238007
(http://support.microsoft.com/kb/238007/EN-US/ )
How to Configure the Address Book to Query Users Contained in Active Directory


Back to the top | Give Feedback

Properties

Article ID: 247078 - Last Review: October 31, 2006 - Revision: 5.4
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows 2000 Datacenter Server
Keywords: 
kbenv kbhowtomaster KB247078
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top