
RE: openldap and SSL with AD



Daniel,
   You said "...the link below states that TLS is not supported by AD."

   This is not exactly true.  What it says is
	"Windows 2000 does not support the Start TLS extended-request functionality."

   I believe what they are referring to is the LDAP Start TLS extended request
   as documented in RFC2830 (ftp://ftp.rfc-editor.org/in-notes/rfc2830.txt).

   I don't believe that not supporting it means they are not supporting TLS.

   Others... do I have this right???

-tony

-----Original Message-----
From: Daniel Barron [mailto:ldaplist@jadeb.com] 
Sent: Friday, February 14, 2003 8:33 AM
To: openldap-software@OpenLDAP.org
Subject: RE: openldap and SSL with AD


In message
<DCD82CE6D2ADD311A98E0008C7A4C929080E3904@cnfqs039.cnf.prod.cnf.com>
          "Bennett, Tony - CNF" <Bennett.Tony@cnf.com> wrote:

> Daniel,
> 
> What did you do, specifically, to ActiveDirectory to enable it to 
> "speak" TLS and use Port 636 ???

As I have learnt, TLS uses port 389.  Also the link below states that TLS is
not supported by AD.

> 
> Is this ALL you did:
> 	http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b321051

No, not seen that page.  The one I used was:

http://support.microsoft.com/default.aspx?scid=KB;en-us;q247078


-- 
Daniel Barron
(Visit http://dansguardian.org/ - True web content filtering for all)
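
The distinction discussed in this thread, as an added example that is not part of the original messages: Start TLS (RFC 2830) is an LDAP extended request sent in the clear on the ordinary LDAP port, and a server that does not implement it answers with a non-success resultCode (RFC 2830 specifies protocolError), which says nothing about whether the same server accepts TLS from the first byte on a separate port. The sketch below hand-encodes the request and decodes the reply; the helper names and the two sample responses are constructed for illustration.

```python
# Added example: RFC 2830 Start TLS as an LDAP ExtendedRequest, BER-encoded by hand.
START_TLS_OID = b"1.3.6.1.4.1.1466.20037"  # requestName assigned by RFC 2830
RESULT_CODES = {0: "success", 1: "operationsError", 2: "protocolError", 10: "referral"}

def tlv(tag, value):
    """Encode one BER TLV; short-form length only (value under 128 bytes)."""
    if len(value) > 127:
        raise ValueError("long-form lengths are not needed for this example")
    return bytes([tag, len(value)]) + value

def start_tls_request(message_id=1):
    """LDAPMessage { messageID, extendedReq [APPLICATION 23] { requestName [0] } }."""
    if not 0 <= message_id <= 127:
        raise ValueError("example encodes one-byte message IDs only")
    ext_req = tlv(0x77, tlv(0x80, START_TLS_OID))
    return tlv(0x30, tlv(0x02, bytes([message_id])) + ext_req)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos); rejects truncated or long-form input."""
    if pos + 2 > len(buf) or buf[pos + 1] > 127:
        raise ValueError("truncated or long-form TLV")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("TLV length exceeds buffer")
    return buf[pos], buf[pos + 2:end], end

def start_tls_result(response, message_id=1):
    """Decode an ExtendedResponse [APPLICATION 24] and name its resultCode."""
    tag, body, _ = read_tlv(response, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    tag, mid, pos = read_tlv(body, 0)
    if tag != 0x02 or int.from_bytes(mid, "big") != message_id:
        raise ValueError("messageID does not match the request")
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x78:
        raise ValueError("not an ExtendedResponse")
    tag, code, _ = read_tlv(op, 0)
    if tag != 0x0A or len(code) != 1:
        raise ValueError("missing resultCode")
    return RESULT_CODES.get(code[0], "other(%d)" % code[0])

# Constructed sample responses: resultCode, empty matchedDN, empty errorMessage.
ACCEPTS = bytes.fromhex("300c02010178070a010004000400")  # success: begin the TLS handshake
REFUSES = bytes.fromhex("300c02010178070a010204000400")  # protocolError: Start TLS unavailable
```

A client must begin the TLS handshake only after a "success" result; on any other result the connection is still plaintext and credentials should not be sent over it.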