AD LDS SSL does not work

  #1  
Old 16-12-2009
Member
 
Join Date: Dec 2009
Posts: 1
AD LDS SSL does not work

Hi,

I'm currently trying to get SSL on AD LDS on W2K8 R2 x64 up and running. I already have installed a certificate for the AD LDS service account. When I use LDP.EXE on the local system, I can get an SSL connection without any problem. When I use LDP.exe on a different W2K8 system, I can also get an SSL connection without any problems. So the certificate is ok and the connection to the system works as well.

However, I need to create an SSL connection from a W2K3 system to my AD LDS on W2K8. And this always fails. It also fails from a Java application - this is the application that finally needs to access the AD LDS system.

I looked at the AD LDS event log and found the following error message:
Client network address:
192.168.105.10:4614
Protocol:
TCP

Additional Data
Error value:
2148074289 The client and server cannot communicate, because they do not possess a common algorithm.
Internal ID:
c050707


When I look at the data that Wireshark captures, I can see an SSL v2 Client Hello, but afterwards the server terminates the connection. The SSL v2 Client Hello contains a number of ciphers, where at least some should be known by the AD LDS system.

When I look at the captured data from the W2K8 system where the connection works, I can see an SSL (not v2) handshake, that contains some more ciphers (e.g. with AES, which are not present in the client hello of the W2K3 system).

Can anybody give me a hint what I need to do in order to be able to use SSL connections from the W2K3 system? Thanks a lot in advance!

Best regards
Holger
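
Added example, not part of the original post: a small Python parser that extracts the cipher list from a raw ClientHello in either SSLv2 or SSLv3/TLS framing, so the offers seen in two captures can be compared side by side. An SSLv2-framed hello can still carry SSLv3/TLS suite IDs as 3-byte specs with a leading zero byte. The sample hellos are constructed, and the helper names (`parse_client_hello`, `compare_offers`, `v2_hello`, `tls_hello`) are hypothetical.

```python
import struct

# A few well-known cipher IDs for display; unknown codes are shown as hex.
NAMES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5", 0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA", 0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x010080: "SSL_CK_RC4_128_WITH_MD5", 0x0700C0: "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"}

def parse_client_hello(data):
    """Return (framing, offered_version, cipher_codes) for one raw ClientHello."""
    if len(data) >= 11 and data[0] & 0x80 and data[2] == 0x01:
        # SSLv2 framing: 2-byte header, message type, version, three lengths
        ver, spec_len, _sid_len, _chal_len = struct.unpack_from(">HHHH", data, 3)
        specs = data[11:11 + spec_len]
        # Specs are 3 bytes each; a leading 0x00 marks an SSLv3/TLS suite ID
        codes = [int.from_bytes(specs[i:i + 3], "big") for i in range(0, len(specs) - 2, 3)]
        return "SSLv2", ver, codes
    if len(data) >= 46 and data[0] == 0x16 and data[5] == 0x01:
        # SSLv3/TLS framing: record header (5), handshake header (4), version, random
        ver = struct.unpack_from(">H", data, 9)[0]
        pos = 44 + data[43]                      # skip the session ID
        n = struct.unpack_from(">H", data, pos)[0]
        suites = data[pos + 2:pos + 2 + n]
        codes = [int.from_bytes(suites[i:i + 2], "big") for i in range(0, len(suites) - 1, 2)]
        return "SSLv3/TLS", ver, codes
    raise ValueError("not a ClientHello")

def compare_offers(hello_a, hello_b):
    """Return (names offered by both, names offered only by hello_b)."""
    a, b = set(parse_client_hello(hello_a)[2]), set(parse_client_hello(hello_b)[2])
    return (sorted(NAMES.get(c, hex(c)) for c in a & b),
            sorted(NAMES.get(c, hex(c)) for c in b - a))

def v2_hello(version, specs):  # constructed sample: SSLv2 framing, zero challenge
    body = b"\x01" + struct.pack(">HHHH", version, 3 * len(specs), 0, 16)
    body += b"".join(s.to_bytes(3, "big") for s in specs) + bytes(16)
    return struct.pack(">H", 0x8000 | len(body)) + body

def tls_hello(version, suites):  # constructed sample: zero random, no extensions
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    hs = struct.pack(">H", version) + bytes(33) + struct.pack(">H", len(cs)) + cs + b"\x01\x00"
    return b"\x16" + struct.pack(">HH", version, len(hs) + 4) + b"\x01" + len(hs).to_bytes(3, "big") + hs

# Constructed sample offers; they are not taken from the poster's capture.
OLD_CLIENT = v2_hello(0x0300, [0x010080, 0x0700C0, 0x0004, 0x0005, 0x000A])
NEW_CLIENT = tls_hello(0x0301, [0x002F, 0x0035, 0x0005, 0x000A])

if __name__ == "__main__":
    print(compare_offers(OLD_CLIENT, NEW_CLIENT))
```

To run it on real traffic, pass the TCP payload bytes of each Client Hello exported from the capture in place of the constructed samples.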
  #2  
Old 26-05-2011
Member
 
Join Date: Mar 2010
Posts: 305
Re: AD LDS SSL does not work

It is possible to connect to the instances. For example, as a first step, check in ADSI Edit whether all necessary schema classes and attributes are present. To do this, right-click ADSI Edit > Connect to and open the schema naming context. It is important to use the server name (localhost if local) followed by a colon and the port specified during setup, in our example localhost:10001 for a non-SSL-secured LDAP connection. The full LDAP path is therefore: LDAP://localhost:10001/Schema. Refer to the link for more detailed information.

Configuring LDAP over SSL Requirements for AD LDS