Modify the Communication Ports Used by an AD LDS Instance

Applies To: Windows Server 2008

You can use this procedure and Dsdbutil, the general Active Directory Lightweight Directory Services (AD LDS) management tool, to modify the communication ports that are used by an AD LDS instance that is installed on your computer.

Membership in Administrators, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To modify the communications ports used by an AD LDS instance

  1. Open a Command Prompt. To open a command prompt, click Start, click Run, and then type cmd.

  2. At the command prompt, type the following command, and then press ENTER:

    net stop <instancename>

    Where <instancename> represents the service name of the AD LDS instance for which you want to change the communication port.

  3. At the command prompt, type the following command, and then press ENTER:

    dsdbutil

  4. At the dsdbutil: prompt, type the following command, and then press ENTER:

    activate instance <instancename>

    Where <instancename> represents the service name of the AD LDS instance for which you want to modify the communication port.

  5. At the dsdbutil: prompt, do one of the following:

    • To change the Lightweight Directory Access Protocol (LDAP) communication port, type the following command, and then press ENTER:

      LDAP port <portnumber>

      Where <portnumber> represents a communication port (either 389 or in the range of 1025 through 65535) that you want to assign to LDAP.

    • To change the Secure Sockets Layer (SSL) communication port, type the following command, and then press ENTER:

      SSL port <portnumber>

      Where <portnumber> represents the communication port (either 636 or in the range of 1025 through 65535) that you want to assign to SSL.

  6. To exit dsdbutil, at the dsdbutil: prompt, type the following command, and then press ENTER:

    quit

  7. To restart the AD LDS instance, at the command prompt, type the following command, and then press ENTER:

    net start <instancename>

Note

Allowable communication port numbers for AD LDS include 389, 636, and any port number in the range of 1025 through 65535.
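
The following PowerShell script is an added example, not part of the original procedure or a Microsoft-provided tool. It runs steps 2 through 7 non-interactively, first rejecting a port outside the allowable values and a port that already has a listener. The parameter names are hypothetical, and the script assumes that dsdbutil accepts its prompt commands as quoted command-line arguments.

```powershell
# Added example: parameter names are illustrative and not from the original page.
param(
    [Parameter(Mandatory = $true)][string]$InstanceName,   # service name of the AD LDS instance
    [Parameter(Mandatory = $true)][ValidateSet('LDAP', 'SSL')][string]$Protocol,
    [Parameter(Mandatory = $true)][int]$Port
)

# Allowable ports per the procedure: 389 (LDAP), 636 (SSL), or 1025 through 65535.
$wellKnown = @{ LDAP = 389; SSL = 636 }
if ($Port -ne $wellKnown[$Protocol] -and ($Port -lt 1025 -or $Port -gt 65535)) {
    throw "Port $Port is not allowed for $Protocol. Use $($wellKnown[$Protocol]) or 1025-65535."
}

# Returns $true when any local TCP listener is bound to the given port.
function Test-PortListening([int]$Number) {
    $props = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
    return [bool]($props.GetActiveTcpListeners() | Where-Object { $_.Port -eq $Number })
}

# Check before stopping the service, so a conflict never causes an outage.
if (Test-PortListening $Port) {
    throw "TCP port $Port already has a listener; choose a different port."
}

# Step 2: stop the instance.
net stop $InstanceName
if ($LASTEXITCODE -ne 0) { throw "Could not stop service '$InstanceName'." }

try {
    # Steps 3 through 6. Assumption: dsdbutil takes its prompt commands as quoted arguments.
    & dsdbutil "activate instance $InstanceName" "$Protocol port $Port" quit
    if ($LASTEXITCODE -ne 0) { Write-Warning "dsdbutil exited with code $LASTEXITCODE." }
}
finally {
    # Step 7: restart the instance even if dsdbutil failed.
    net start $InstanceName
}

# Confirm that the instance came back up on the new port.
Start-Sleep -Seconds 5
if (Test-PortListening $Port) {
    Write-Output "$InstanceName is listening for $Protocol on port $Port."
} else {
    Write-Warning "No listener on port $Port; check the service state and event log."
}
```

Run the script from an elevated PowerShell session, because stopping the service and running dsdbutil require membership in Administrators.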