Unable to connect to Azure AD DS LDAPS on port 636

Veshant Chettiar 0 Reputation points
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,460 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,246 Reputation points Microsoft Employee

    Hi @Veshant Chettiar ,

    Thanks for your post! I understand that you are unable to connect to Azure AD DS LDAPS on port 636.

    To resolve this error, please confirm the following:

    -Ensure that your NSG settings allow the traffic to port 636 from the internet (inbound security rule allowing TCP/636 from the client IP address)

    -Ensure that you have a certificate installed on the DC. That certificate must be trusted on the client.

    -Verify the secure LDAP certificate for your managed domain has the DNS name in the Subject or the Subject Alternative Names attribute.

    If you have already confirmed the NSG settings and the certificate configuration, you can check the errors generated by Ldp.exe to get more information about why the connection might be failing. You can also check the Event Viewer logs for information and errors that will help you troubleshoot. If you still face this issue after checking these errors and verifying the settings, please share what errors you are seeing so that I can better diagnose the issue.

    Additional resources:

    Troubleshoot LDAPS
    How to enable LDAP over SSL with a third-party certification authority.

    LDAPS error


    If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar issues.