Microsoft KB Archive/247078

= How To Enable Secure Socket Layer (SSL) Communication over LDAP for Windows 2000 Domain Controllers =

Article ID: 247078

Article Last Modified on 10/31/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Datacenter Server

-



This article was previously published under Q247078





IN THIS TASK

 * SUMMARY
 * Enabling SSL
 * REFERENCES



SUMMARY
During the configuration of security settings for the Active Directory in Windows 2000, administrators may want to implement additional security measures for accessing the Active Directory. Windows 2000 provides Secure Sockets Layer (SSL) security over Lightweight Directory Access Protocol (LDAP). After you install the certificate, the Domain Controllers can communicate over both ports 389 or 636(SSL).

back to the top

Enabling SSL
Install an Enterprise Certificate Authority on a Windows 2000 server. All Domain Controllers in the forest will automatically enroll for and install the appropriate certificate.

When you install an Enterprise Certificate Authority, all Domain Controllers automatically request a certificate and can support LDAP using SSL port 636.

back to the top

