I have created an AD LDS instance as a proxy to AD. Port 50004 is for NON-ssl and port 50005. Both ports seem to work using ldp.exe. I also tested the SSL port with my application.
Now I want to turn off SSL using ADSI Edit and retest my application, but am confused. Here are the instructions from
http://technet.microsoft.com/en-us/library/cc794922(v=ws.10).aspx
To disable the SSL requirement for bind redirection
To open ADSI Edit, click Start, point to Administrative Tools, and then click ADSI Edit. Connect to configuration directory partition of your AD LDS instance. For more information, see Manage an AD LDS Instance Using ADSI Edit.
In the console tree, browse to the following container object in the configuration partition:
CN=Directory Service,CN=Windows NT,CN=Services.
Right-click CN=Directory Service, and then click Properties.
In Attributes, click msDS-Other-Settings, and then click Edit.
In Values, click RequireSecureProxyBind=1, and then click Remove.
In Value to add, type RequireSecureProxyBind=0, click Add, and then click OK.
When I start ADSI Edit on the LDS box, I see in the tree pane:
Configuration [localhost:50004]
I can see that RequireSecureProxyBind=0
For my instance of LDS, isn't there only ONE Configuration partition?
If I try to connect to Configuration[localhost:50005], I get
---------------------------
ADSIEdit
---------------------------
Operation failed. Error code: 0x8007203a
The server is not operational.
---------------------------
OK
---------------------------
Note that I also see in the tree pane: APPLIC PARTITION DC=APPPARTFE,DC=COM [LOCALHOST:50004]. It also references the non-SSL port.
Does this mean that my SSL testing was not valid? May I assume that there is only 1 application partition and not one for ssl and one for non-ssl that are using the same partition name?
What am I doing wrong or not understanding?
Thanks.
leo
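
An added example, not part of the original post: a read-only PowerShell check that binds to the instance over each port, reads the configuration partition name from RootDSE, and lists the RequireSecureProxyBind value stored in msDS-Other-Settings, so the results over the two ports can be compared. The function name is hypothetical; the ports are the ones from the post, and it assumes the script runs on the LDS host as a user allowed to read the configuration partition and that the server certificate is trusted by the client.

```powershell
# Added example (not from the original post): read-only query, changes nothing.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-LdsProxyBindSetting {   # hypothetical helper name
    param(
        [string]$Server = 'localhost',          # assumption: run on the AD LDS host
        [Parameter(Mandatory)][int]$Port,       # 50004 / 50005 in the post
        [switch]$UseSsl                         # set for the SSL port
    )
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    $conn.SessionOptions.ProtocolVersion = 3
    if ($UseSsl) { $conn.SessionOptions.SecureSocketLayer = $true }

    # Read one attribute from a single object (base-scope search).
    $read = {
        param($dn, $attr)
        $scope = [System.DirectoryServices.Protocols.SearchScope]::Base
        $req   = [System.DirectoryServices.Protocols.SearchRequest]::new(
                     $dn, '(objectClass=*)', $scope, [string[]]@($attr))
        $resp  = $conn.SendRequest($req)
        $resp.Entries[0].Attributes[$attr].GetValues([string])
    }

    try {
        $conn.Bind()   # binds as the current Windows user

        # RootDSE (empty DN) names the instance's configuration partition.
        $configNc = (& $read '' 'configurationNamingContext')[0]

        # Object named in the TechNet procedure, relative to that partition.
        $dsDn   = "CN=Directory Service,CN=Windows NT,CN=Services,$configNc"
        $values = & $read $dsDn 'msDS-Other-Settings'

        [pscustomobject]@{
            Port                   = $Port
            Ssl                    = [bool]$UseSsl
            ConfigurationNC        = $configNc
            RequireSecureProxyBind = $values | Where-Object { $_ -like 'RequireSecureProxyBind=*' }
        }
    }
    finally { $conn.Dispose() }
}

# Query the same instance over both ports and compare the two result rows.
Get-LdsProxyBindSetting -Port 50004
Get-LdsProxyBindSetting -Port 50005 -UseSsl
```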