dsa.msc - can it use LDAPS port 636? How?

Question

I'm launching dsa.msc with the /domain switch to connect to a trusted domain (one way trust). This works fine.

DSA is using port 389 for LDAP. LDAPS is configured and verified on the target domain.

Is there any way to get DSA to use port 636? Or am I wasting time?

dsa.msc /domain=mydomain.com:636 does not work.

Answer 1

Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query

Unfortunately, it's not possible to specify the LDAP over SSL/TLS (LDAPS) port (636) in the DSA.msc command. The DSA.msc command uses the default LDAP port (389) to connect to a domain controller.

To connect to a trusted domain using LDAPS, you can use the LDP.exe tool or the Active Directory Users and Computers (ADUC) console. Both of these tools allow you to specify the LDAPS port (636) in the connection settings.

To connect using LDP.exe, launch the tool, go to the Connection menu, and click on Connect. In the Connection Settings dialog box, specify the domain controller name and port (e.g., dc1.mydomain.com:636), select the SSL option, and click OK.

To connect using ADUC, launch the console, right-click on the Active Directory Users and Computers root node, and select Connect to Domain. In the Domain field, specify the domain controller name and port (e.g., dc1.mydomain.com:636), select the Use SSL option, and click OK.

If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.

Answer 2

Hi @N4

Unfortunately, it's not possible.

You can test it when you try to change domain controller from dsa.msc and you add the port 636 for LDAPS in the end of domain controller FQDN. You will get unavailable status .

Please don't forget to mark helpful answer as accepted