
We have a Windows 2003 R2 server and are trying to connect to it via LDAP. There are so far no firewalls or other blocking systems in place; however, it seems we cannot connect to it via LDAP over port 389.

Is there something I have to set to enable it? If it is disabled, how can I re-enable it?

Anyone know what I can do to verify everything?

The computer is a PDC.

Thanks

grmartin

1 Answer


You can verify if the server is listening for requests by running the netstat command like this:

netstat -ano

In the output, look for entries like this:

TCP 0.0.0.0:389 0.0.0.0:0 LISTENING 123

UDP <serverIP>:389 *:* 123

The number in the last column is the process ID of whatever is listening on the ports. Run the tasklist command to validate that the Local Security Authority (this is the Net Logon service) is the one listening:

tasklist /FI "PID eq 123"

You should see output like this (image name should be lsass.exe):

lsass.exe 488 Console 0 32,292 K

Generally, if you do not see this service running (and the server listening on port 389), it means that DNS is probably not configured correctly, but it could be other problems. If Net Logon won't start, look in the event log to see why. The first place to go with any errors is http://www.eventid.net/

If it is started, then it's very likely there is some kind of firewall software (or network hardware-based firewall) that is blocking the port. It is easy to overlook software-based firewalls, or to discover that someone else has added an incorrect ACL to a network switch or router.

JGurtz
  • Following the line of thought here... I put an LDAP browser on the server itself... Everything worked... Turned out the engineer who started the box neglected to turn off Windows Firewall. As such, and since I wouldn't have figured it out without the first command... I am giving the correct answer to the above. Thank you. – grmartin Mar 31 '11 at 11:50
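The two manual steps in the answer (find who owns port 389 with netstat -ano, then confirm the image with tasklist) can be scripted so they are repeatable on any domain controller. The following PowerShell is an added example, not part of the original answer: it parses netstat and tasklist output the same way a person would, flags any owner that is not lsass.exe, and then attempts a TCP connect so that "nothing is listening" can be told apart from "listening but blocked by a host firewall or an ACL", which is what the asker eventually found. The port and target host are parameters I chose (defaults 389 and localhost); it assumes only netstat, tasklist and the .NET TcpClient class, all present on a Windows host with PowerShell 2.0 or later.

```powershell
# Added example (not from the original answer): check whether anything is
# listening on the LDAP port, which image owns it, and whether a TCP connect
# succeeds from this host. Port and target host are assumed defaults.
param(
    [int]$Port = 389,
    [string]$TargetHost = 'localhost'
)

# 1. Parse "netstat -ano" for TCP LISTENING sockets and UDP sockets on $Port.
#    Typical lines:
#      TCP    0.0.0.0:389    0.0.0.0:0    LISTENING    488
#      UDP    0.0.0.0:389    *:*                       488
#    Established TCP connections are ignored: their state is not LISTENING.
$listeners = netstat -ano | ForEach-Object {
    if ($_ -match '^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:LISTENING\s+)?(\d+)\s*$' -and
        [int]$matches[3] -eq $Port) {
        New-Object PSObject -Property @{
            Protocol     = $matches[1]
            LocalAddress = $matches[2]
            OwnerPid     = [int]$matches[4]
        }
    }
}

if (-not $listeners) {
    Write-Host "Nothing is bound to port $Port. Check that the Net Logon service is running and review the System event log for its startup errors."
    return
}

# 2. Map each owning PID to its image name with tasklist. On a domain controller
#    the expected owner of the LDAP port is lsass.exe; anything else deserves a look.
foreach ($l in $listeners) {
    $csv  = tasklist /FI "PID eq $($l.OwnerPid)" /FO CSV /NH
    $task = $csv | ConvertFrom-Csv -Header ImageName, PID, SessionName, SessionNum, MemUsage
    $image = if ($task -and $task.ImageName) { $task.ImageName } else { '<unknown>' }
    $verdict = if ($image -ieq 'lsass.exe') { 'expected owner' } else { 'UNEXPECTED owner, investigate' }
    Write-Host ("{0} {1}:{2} owned by PID {3} ({4}): {5}" -f $l.Protocol, $l.LocalAddress, $Port, $l.OwnerPid, $image, $verdict)
}

# 3. Connect test. If the port is listening but this fails (or fails only from a
#    remote host), suspect Windows Firewall or a network ACL rather than the service.
$client = New-Object System.Net.Sockets.TcpClient
try {
    $client.Connect($TargetHost, $Port)
    Write-Host "TCP connect to ${TargetHost}:$Port succeeded."
} catch {
    Write-Host "TCP connect to ${TargetHost}:$Port failed: $($_.Exception.Message)"
} finally {
    $client.Close()
}
```

Run it once on the server with the defaults, then again from a client with -TargetHost set to the server name: a listener owned by lsass.exe that accepts connections locally but not remotely points squarely at a firewall or ACL between the two hosts, which is the case the answer describes.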