This article describes how to configure the Windows 2000 address book to search Active Directory by using SSL or port 636. You can use this type of search to test the connectivity and search capabilities against the Active Directory by using SSL.

Configuring the Address Book

You can verify that your server authentication certificate is working properly by testing if you can establish a 128-bit SSL connection between your server and a Windows 2000-based domain controller. Note that this only works if a certificate has also been issued to the domain controller from the same certificate authority (CA) that issued the certificate for your server. To verify that your server authentication certificate is working properly:

  1. After you install the required certificates, on the server, click Start, point to Search, and then click For People.
  2. In the Look in box, click Active Directory.
  3. Right-click Active Directory, and then click Properties.
  4. In the Active Directory Properties dialog box, type the fully qualified domain name of the domain controller to which you want to connect in the Search Name box, for example, domain controller name.domain
  5. If you are logged on with a domain account that has permissions to search the Active Directory, you can skip this step. Otherwise, provide administrator-level credentials for this domain controller in the Account and Password boxes. For example:
    Account: domain name\user name
    Password: password
    NOTE: domain name is the name of your domain where the account exists, and user name is the account that you are using to log on. The password must be the password for the account that you are using.
  6. After you have specified the domain controller and the appropriate credentials, click the Advanced tab, and then specify SSL connectivity for LDAP (the port must be set to 636).
  7. Select a search base that is appropriate to your Active Directory structure, for example CN=Users,DC=domain,DC=com.
  8. Click OK to close the Active Directory Properties dialog box.

In the Find People dialog box, click Active Directory in the Look in box.

Searching for People Against Active Directory

  1. Click the Advanced tab.
  2. In the define criteria section, select the following criteria for the search: NAME Contains Administrator
  3. Click Add, and then click Find Now.

If your server can establish a 128-bit SSL connection to the domain controller, you see the results of your search in the Results pane of the Find People dialog box. If you cannot establish a 128-bit SSL connection to the domain controller, you may receive the following error message, or one that is similar to this error message:

There are no entries in the directory service that match your search criteria.

This message may have several causes, so other possible causes should be ruled out. Verify that all server name and credential information is correct. To help rule out other error causes, configure the port setting on the Advanced tab under Active Directory properties (that was previously described) to be the default LDAP port (389), and then repeat the test. If the test still does not work, you may have a name resolution problem, or other connectivity problem.
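Because the address book reports the same message for several different failures, the following added example (not part of the original article) separates the causes named above into name resolution, TCP connectivity, and the SSL handshake on port 636. The function name `diagnose_ldaps`, the optional `cafile` parameter, and the host `dc01.example.invalid` are assumptions made for illustration.

```python
import socket
import ssl
import sys


def diagnose_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Return (stage, detail); stage is 'dns', 'tcp', 'tls' or 'ok'."""
    # Stage 1: name resolution, one of the "other causes" to rule out.
    try:
        socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return ("dns", str(exc))

    # Stage 2: plain TCP reachability of the LDAP-over-SSL port.
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("tcp", str(exc))

    # Stage 3: SSL/TLS handshake. The default context verifies the chain
    # and the host name, so it fails unless the domain controller's
    # certificate was issued by a CA this machine trusts (or by the CA
    # in `cafile`, if one is given).
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with raw, ctx.wrap_socket(raw, server_hostname=host) as tls:
            name, version, bits = tls.cipher()
            return ("ok", f"{version} {name}, {bits}-bit")
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        return ("tls", str(exc))


if __name__ == "__main__":
    # Constructed placeholder; pass your domain controller's FQDN instead.
    target = sys.argv[1] if len(sys.argv) > 1 else "dc01.example.invalid"
    stage, detail = diagnose_ldaps(target)
    print(f"{target}:636 -> {stage}: {detail}")
```

A `tls` result means the name resolved and the port answered, so the certificate or the handshake is what failed; `dns` or `tcp` points to the name resolution or connectivity problems mentioned above.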

