System Event ID 36876 When Using LDAP SSL Query of the Active Directory

This article was previously published under Q254610
This article has been archived. It is offered "as is" and will no longer be updated.
When you attempt to perform Active Directory LDAP queries using a secure connection (SSL), you may receive the following error message:
There are no entries in the directory service that match your search criteria.
Also, the following error message may be added to the System Event Log:

Type: Error
Event ID: 36876
Category: None

The certificate received from the remote server has not validated correctly. The error code is 0x80090322.The SSL connection has failed. The attached data contains the server certificate.
This issue can occur if the Active Directory Account Properties are missing or incorrectly configured.
To resolve this issue, view and correct the Active Directory properties:
  1. Click Start, point to Programs, point to Accessories, and then click Address Book.
  2. On the Tools menu, click Accounts.
  3. Click Active Directory, and then click Properties.
  4. In the Server name box, type the fully qualified name for the computer that contains the Active Directory. For example, type the name using the following syntax
    where computername is the name of your computer, domain is the name of your domain, and com is the extenstion of your domain.
    If the server requires you to log on, click to select the This server requires me to log on check box, and then type the account name and password in the Account name and Password boxes.
  5. On the Advanced tab, click the This server requires a secure connection (SSL) check box to enable secure LDAP queries.

    NOTE: SSL communications use port 636.
  6. In the Search base box, type the domain name and extension using the following syntax:
  7. Click OK to apply the changes.
For additional information about configuring clients for Active Directory searches, click the article number below to view the article in the Microsoft Knowledge Base:
238007 How to Configure Address Book to Query Users in Active Directory

For additional information about how to enable Secure Socket Layer (SSL) communication over LDAP, click the article number below to view the article in the Microsoft Knowledge Base:
247078 How To Enable Secure Socket Layer (SSL) Communication Over LDAP

Article ID: 254610 - Last Review: 12/05/2015 18:43:51 - Revision: 3.2

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional Edition

  • kbnosurvey kbarchive kbenv kberrmsg kbnetwork kbprb KB254610