[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: openldap and SSL with AD

To: "'Daniel Barron'" <ldaplist@jadeb.com>, openldap-software@OpenLDAP.org
Subject: RE: openldap and SSL with AD
From: "Bennett, Tony - CNF" <Bennett.Tony@cnf.com>
Date: Fri, 14 Feb 2003 11:02:11 -0800

Daniel,
   You said "...the link below states that TLS is not supported by AD."

   This is not exactly true.  What it says is 
	"Windows 2000 does not support the Start TLS extended-request
functionality. "

   I believe what they are referring to is the LDAP Start TLS extended
request
   as documented in RFC2830 (ftp://ftp.rfc-editor.org/in-notes/rfc2830.txt).

   I don't believe that not supporting it means they are not supported TLS.

   Others... do I have this right???

-tony

-----Original Message-----
From: Daniel Barron [mailto:ldaplist@jadeb.com] 
Sent: Friday, February 14, 2003 8:33 AM
To: openldap-software@OpenLDAP.org
Subject: RE: openldap and SSL with AD

In message
<DCD82CE6D2ADD311A98E0008C7A4C929080E3904@cnfqs039.cnf.prod.cnf.com>
          "Bennett, Tony - CNF" <Bennett.Tony@cnf.com> wrote:

> Daniel,
> 
> What did you do, specifically, to ActiveDirectory to enable it to 
> "speak" TLS and use Port 636 ???

As I have learnt TLS uses port 389.  Also the link below states that TLS is
not supported by AD.

> 
> Is this ALL you did:
> 	http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b321051

No, not seen that page.  The one I used was:

http://support.microsoft.com/default.aspx?scid=KB;en-us;q247078

-- 
Daniel Barron
(Visit http://dansguardian.org/ - True web content filtering for all)

Follow-Ups:
- RE: openldap and SSL with AD
  - From: Tony Earnshaw <tonni@billy.demon.nl>

Prev by Date: RE: openldap and SSL with AD
Next by Date: Re: i have no name!
Index(es):
- Chronological
- Thread