CONFIGURING


Changing the LDAP service port and port security configuration

By default, LDAP clients can connect to the LDAP service over TCP/IP port 389, anonymously or using name-and-password authentication. By default, LDAP clients cannot connect using TLS.

To authenticate using name-and-password security some LDAP clients -- for example Microsoft™ Internet Explorer and HCL Notes® clients with LDAP accounts -- first do an anonymous search to retrieve the distinguished names used for the authentication, so that users don't have to specify the distinguished names themselves. To enable such clients to authenticate using names and passwords, you must enable anonymous access, as well as name and password authentication, for the LDAP service port the clients use to connect. You must also allow anonymous read access to the attribute(s) the clients use to search the directory anonymously to retrieve the distinguished names. Attributes typically searched for are cn, uid, sn, givenname, or mail.

Follow these steps to change the LDAP service port and port security configuration on a specific server that runs the LDAP service:

1. From the HCL Domino® Administrator, click the Configuration tab.

2. In the navigation pane, expand Server and open the Server document for the server that runs the LDAP service.

3. Click Edit Server.

4. Click the Ports -> Internet Ports -> Directory tab.


5. Complete these fields:
6. To change the TLS port configuration for the LDAP service, complete these fields:
7. Click Save & Close.

8. If you made the changes on a different server than the one for which you are configuring the LDAP service, replicate the changes to the server that runs the LDAP service.

9. Enter the following command on the server that runs the LDAP service to put the changes into effect:


Related concepts
Understanding Internet site documents on Domino servers
Name-and-password authentication for Internet/intranet clients
Anonymous Internet and intranet access
Customizing the LDAP service configuration
The LDAP service

Related tasks
Setting up Notes user, Domino server, and Internet user access to a Domino server
Setting up Notes and Internet clients for TLS client authentication