On the Ports page, you specify the communications ports that the Active Directory Lightweight Directory Services (AD LDS) instance will use to communicate with directory-enabled applications. Directory-enabled applications locate an AD LDS instance by using a combination of the name of the computer on which the AD LDS instance is running and a communication port number. An AD LDS instance can communicate using Lightweight Directory Access Protocol (LDAP) or Secure Sockets Layer (SSL). You must provide a port number for each.

If you are not sure what communication port numbers to use, accept the default values.

  • By default, AD LDS uses the default communication port numbers of 389 and 636 for LDAP and SSL, respectively. If either of these ports is already in use on the computer, AD LDS specifies the first available port starting at 50000.
  • If you plan to run AD LDS and Active Directory Domain Services (AD DS) concurrently on the same computer, you must assign ports other than 389 and 636 to AD LDS. AD DS requires the use of ports 389 and 636 (as well as ports 3268 and 3269 if the domain controller running AD DS is configured as a global catalog).

Additional references