I have a plan to push logs from the Windows Server to a log server. The log server uses only LDAPS and my current server uses LDAP. Is it required to enable LDAPS on the Windows Server to do this task?

Can I enable both LDAPS and LDAP on the same AD server?

Dave M
makra san
  • I don't see why not? They are running on different port numbers. You will need to use a certificate for LDAPS though... It is possible when using Samba as Active Directory server, but I do not know the settings for Windows Active Directory. – Lasse Michael Mølgaard Jun 04 '21 at 08:06
  • I am concerned that LDAPS will overwrite the current LDAP and all PCs can't connect to AD. – makra san Jun 04 '21 at 08:43
  • To my knowledge it shouldn't. You cannot start LDAPS without a valid certificate and the LDAPS server should point to the same configuration as LDAP. The only difference is that the channel is encrypted. – Lasse Michael Mølgaard Jun 04 '21 at 12:10

1 Answer

You can do this. I was doing this when setting up my LDAP server cluster. To get everything stood up, we used port 389. Once we had a certificate, we did the install and opened up port 636. We can use both without issue. As the project matures all the various services that are consuming LDAP are being moved over to port 636. There is also a way to configure the listener on port 389 to use a certificate, but for us there's no need for that.

Tim
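
A way to confirm the coexistence discussed above after the certificate is installed, as an added example that is not part of the original question or answer: it checks that port 389 still accepts connections and that port 636 completes a certificate-verified TLS handshake, the way an LDAPS-only log server would require. The host name `dc01.example.test` and the `cafile` argument are placeholders, not values from this page.

```python
import socket
import ssl

def tcp_open(host, port, timeout=3.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def ldaps_handshake(host, port=636, cafile=None, timeout=3.0):
    """Try a certificate-verified TLS handshake, as an LDAPS-only client would."""
    ctx = ssl.create_default_context(cafile=cafile)  # verifies chain and hostname
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return {"ok": True, "tls": tls.version(),
                        "not_after": cert.get("notAfter"), "error": None}
    except ssl.SSLCertVerificationError as exc:
        # Listener is up but the client does not trust the certificate.
        return {"ok": False, "tls": None, "not_after": None,
                "error": "certificate rejected: " + exc.verify_message}
    except OSError as exc:  # refused, timed out, or not speaking TLS
        return {"ok": False, "tls": None, "not_after": None, "error": str(exc)}

def check_dc(host, ldap_port=389, ldaps_port=636, cafile=None, timeout=3.0):
    """Report both listeners so a regression on 389 is visible next to 636."""
    return {
        "ldap_listening": tcp_open(host, ldap_port, timeout),
        "ldaps_listening": tcp_open(host, ldaps_port, timeout),
        "ldaps_tls": ldaps_handshake(host, ldaps_port, cafile, timeout),
    }

if __name__ == "__main__":
    # Constructed placeholders: replace with your DC's FQDN and issuing CA file.
    report = check_dc("dc01.example.test", cafile=None)
    for key, value in report.items():
        print(key, "=", value)
```

Run it from the machine that will act as the LDAPS client, using the name that appears in the server certificate, since hostname verification is part of the handshake.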