How to Configure Secure LDAP (LDAPS) on Windows Server 2012

Comments
Author

You're a godsend. Even AI couldn't give me a proper way of enabling this.

manjuever
Author

This works for me in Windows 2019. Thanks

nicolasdiazlozano
Author

Lol, like the humor. 99 years so that I don't have to do it. 😂 Thank you for the video

bhimgrg
Author

Hi there, is there any way to add printers under LDAP in Windows Server 2016? Your reply is very much appreciated

vetribull
Author

And that's an example that could be replaced with the phrase: a CA role installed on a DC automatically activates LDAPS.

However, that will NEVER HAPPEN in a real-world scenario because of role separation.

madmaverick
Author

How would you go about dealing with an expired LDAP certificate?

Progmium
Author

Some of the practices suggested are rather insecure, but thanks for the video anyhow, especially the restart part. Was fighting my domain controller =)

OthmanAlikhan
Author

This is a demo folks, I don't do it on a DC either. Just saving time by not having to spin up a separate VM!

DRSmetter
Author

Can we set up a user directory on our local machine, i.e. the Windows 10 operating system?

ramshukla
Author

Excellent, my friend! Thank you very much for such an excellent contribution!

SecuriTI
Author

It is always a security concern to install PKI; never install a CA on domain controllers (bad practice, bad manners even for demonstration purposes). Client access (different servers, domain members) to LDAP via the secured port was not shown (certificates are required on the clients).

denismejanov
Author

Hi, I'm facing a "simple bind failed" error, and I have installed the SSL certificates in the web server keystore, but I am still not able to establish a connection. Can you help me with this?

kaverisingh
Author

Great... really good content and a proper explanation in this video

Technicalturbo
Author

Great video. I'm trying to find out if you can run a single DC with LDAPS but have the rest of your environment run on LDAP, or if LDAP and LDAPS can run in parallel so that regular LDAP continues to work but things that require LDAPS can authenticate that way?

squirreljester
Author

I am attempting to integrate AD over LDAPS with an application; in order to do this I need to import the CA certificate into the Java trust keystore "cacerts" on the app host. I can get a response on the actual DC using LDP.exe, and I get ONE certificate when I use "openssl s_client -showcerts -connect HOSTNAME:636" on the client server. That being said, I also get:

verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
verify error:num=27:certificate not trusted
verify return:1
depth=0
verify error:num=21:unable to verify the first certificate

I only get one cert, so I import the certificate into the Java cacerts keystore using "keytool -import -alias LDAPS-HOSTNAME -keystore JAVAPATH\lib\security\cacerts -storepass changeit -file CAFILE.cer". This succeeds; however, when attempting to connect the client service to the LDAPS server I get:

Error executing command. Failure: 400 Bad Request. Server message: Failed to verify configuration ad: An SSL handshake error occurred while attempting to connect to LDAPS server: unable to find valid certification path to requested target.

I am not an expert at CA; in fact, what I know I have learned through fumbling around with it and reading online forums. This is all for a lab environment/testing purposes, so it doesn't really matter; however, I don't think this procedure generates what's needed for a client to access the DC through LDAPS.

KJL
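A local reproduction of the chain problem described in the comment above, added here as an example; it is not part of the comment or the video. It builds a throwaway lab CA and a server certificate (the names lab-root-ca and dc01.lab.example and all files are constructed), shows that a leaf checked without its issuer fails with the same "unable to get local issuer certificate" condition, and checks that a file is really the leaf's issuer before it is imported into a trust store such as cacerts.

```sh
#!/bin/sh
# Added example, not from the video: reproduce offline why "openssl s_client" reported
# error 20 (unable to get local issuer certificate) when the DC sends only its own
# certificate, and check which file is the issuer before importing it with keytool.
# All names (lab-root-ca, dc01.lab.example) and files are constructed for this demo.
set -e
WORK="$(mktemp -d)"
cd "$WORK"

# 1. A throwaway lab CA standing in for the AD CS root (constructed).
openssl req -x509 -newkey rsa:2048 -nodes -days 365 -sha256 \
  -subj "/CN=lab-root-ca" -keyout ca.key -out ca.pem >/dev/null 2>&1

# 2. A server certificate for the DC, issued by that CA (constructed name).
openssl req -newkey rsa:2048 -nodes -subj "/CN=dc01.lab.example" \
  -keyout dc.key -out dc.csr >/dev/null 2>&1
openssl x509 -req -in dc.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
  -days 365 -sha256 -out dc.pem >/dev/null 2>&1

# The leaf alone cannot be verified: no trusted issuer is available to the client.
# This is the same condition s_client reported as "verify error:num=20".
leaf_fails_without_issuer() {
  if openssl verify dc.pem 2>&1 | grep -q "unable to get local issuer certificate"; then
    echo yes; else echo no; fi
}

# Supplying the issuer, as a populated trust store would, lets the chain build.
leaf_verifies_with_issuer() {
  if openssl verify -CAfile ca.pem dc.pem >/dev/null 2>&1; then echo ok; else echo fail; fi
}

# Before importing a file into cacerts, confirm it really is the leaf's issuer:
# the candidate's Subject must equal the leaf's Issuer. Usage: is_issuer_of cand.pem leaf.pem
is_issuer_of() {
  cand="$(openssl x509 -noout -subject -nameopt RFC2253 -in "$1" | sed 's/^subject=//')"
  iss="$(openssl x509 -noout -issuer -nameopt RFC2253 -in "$2" | sed 's/^issuer=//')"
  if [ "$cand" = "$iss" ]; then echo yes; else echo no; fi
}

leaf_fails_without_issuer        # yes
leaf_verifies_with_issuer        # ok
is_issuer_of ca.pem dc.pem       # yes: ca.pem is the file to import into cacerts
is_issuer_of dc.pem dc.pem       # no: the leaf is not its own issuer
```

If the file you are about to pass to keytool fails the issuer check, it is the server's own certificate rather than the CA's, which is exactly the case in which the handshake still cannot build a path after the import.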
Author

Hello, can you do a video on how to configure a client machine to connect to this server? I tried to install the certificate and use the same ldp.exe to connect, but I cannot figure out why the certificate is not recognized as a trusted certificate.

lEduS
Author

In a command prompt: GPUpdate.exe /Force

Worked instead of a reboot for me.

phillipcox
Author

I want to have a separate server with just the LDAP role and connect that to the domain controller that has the AD users. How do I connect a separate LDAP that is not integrated inside the DC?

AmitThakorlovemeorhateme
Author

Nope, it doesn't work like that... I can't connect to this port. It's not even listed as open when I run netstat.

SebastianKaczorowski
Author

This video should be updated, as SHA1 is no longer recommended and may be vulnerable to attack.

charlespctech