befhel ladap5
+21
-1
@@ -26,4 +26,24 @@ gpresult /r /scope:computer | Select-String -Pattern "LDAP|ldap"
|
||||
|
||||
# 4. Nach GPO-Aenderung:
|
||||
gpupdate /force
|
||||
Restart-Service NTDS -Force
|
||||
Restart-Service NTDS -Force
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Selbst-signiertes Zertifikat fuer LDAPS erstellen
|
||||
$cert = New-SelfSignedCertificate `
|
||||
-DnsName "SRV-DC01.byte.trail","byte.trail","10.10.10.10" `
|
||||
-CertStoreLocation "Cert:\LocalMachine\My" `
|
||||
-KeySpec KeyExchange `
|
||||
-KeyLength 2048 `
|
||||
-KeyExportPolicy Exportable `
|
||||
-NotAfter (Get-Date).AddYears(10) `
|
||||
-Provider "Microsoft RSA SChannel Cryptographic Provider"
|
||||
|
||||
# AD erkennt Zertifikate im Personal Store automatisch und aktiviert LDAPS (Port 636)
|
||||
Restart-Service NTDS -Force
|
||||
|
||||
# Pruefen ob Port 636 jetzt lauscht:
|
||||
Test-NetConnection -ComputerName localhost -Port 636
|
||||
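Review bot: The certificate created by `New-SelfSignedCertificate` gets `-KeyExportPolicy Exportable` together with `-NotAfter (Get-Date).AddYears(10)`, so the domain controller's LDAPS private key can be copied out of `Cert:\LocalMachine\My` by any account with administrative access and stays valid for a decade with no revocation path. Unless a key backup is really required, I would use `-KeyExportPolicy NonExportable` and a shorter lifetime such as `-NotAfter (Get-Date).AddYears(1)`, or request the certificate from an internal CA instead. Because it is self-signed, clients only trust it after importing its public part as a trusted root; the snippet does not show that step, and clients that skip validation get no protection against an interposed server. The literal `10.10.10.10` in `-DnsName` probably ends up as a DNS-type SAN rather than an IP SAN, which is worth checking if clients connect by address. Finally, `Test-NetConnection ... -Port 636` only shows that the TCP port accepts connections, so I would add a comment such as `# Port offen heisst nicht, dass der TLS-Handshake mit diesem Zertifikat klappt` and follow it with a real LDAPS bind test.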