Forum Discussion

Arif_Shaikh's avatar
Arif_Shaikh
Copper Contributor
Sep 10, 2021

LDAP over SSL using third party SSL

I configure LDAP on windows 2016 DC and during setup I selected default port 50001 for SSL. After installing third party SSL I can only connect to LDAP over SSL on default prot 636 but not on port 50...
Active Directory
windows server
Arif_Shaikh's avatar
Arif_Shaikh
Copper Contributor
Sep 10, 2021
I went through this article and decided to use third party SSL instead installing CA on DC.
I can test connect on port 636 without any errors but can not on port 50001
Seshadrr's avatar
Seshadrr
Iron Contributor
Sep 10, 2021
Do you have AD DS service also running on same server?
  • Arif_Shaikh's avatar
    Arif_Shaikh
    Copper Contributor
    Sep 11, 2021
    This is a domain controller.
    • Sanjay78's avatar
      Sanjay78
      Copper Contributor
      Sep 16, 2021
      Please check Windows Firewall on same server if If port is blocked or temporary Turn off the Firewall using below command. If you have third party AV firewalll you also need disable it.
      Netsh Advfirewall set allprofile state off.
      • Arif_Shaikh's avatar
        Arif_Shaikh
        Copper Contributor
        Sep 21, 2021

        I have already added rule to allow incoming traffic on port 50000-50001. I turned off the firewall completely and it still same error. It also register following error in event logs:

        Log Name: System
        Source: Schannel
        Date: 21/09/2021 9:56:03 PM
        Event ID: 36870
        Task Category: None
        Level: Error
        Keywords:
        User: SYSTEM
        Computer: DC3.domain.com
        Description:
        A fatal error occurred when attempting to access the TLS server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
        Event Xml:
        <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
        <System>
        <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
        <EventID>36870</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000000</Keywords>
        <TimeCreated SystemTime="2021-09-21T11:56:03.877877700Z" />
        <EventRecordID>24833</EventRecordID>
        <Correlation ActivityID="{307C8C55-9B87-0002-638C-7C30879BD701}" />
        <Execution ProcessID="812" ThreadID="1708" />
        <Channel>System</Channel>
        <Computer>DC3</Computer>
        <Security UserID="S-1-5-18" />
        </System>
        <EventData>
        <Data Name="Type">server</Data>
        <Data Name="ErrorCode">0x8009030d</Data>
        <Data Name="ErrorStatus">10001</Data>
        </EventData>
        </Event>

Resources