Enable secure LDAP (LDAPS) for an Azure AD Domain Services managed domain
Before you begin
Task 3: Enable secure LDAP for the managed domain using the Azure portal
To enable secure LDAP, perform the following configuration steps:
Navigate to the Azure portal.
Search for 'domain services' in the Search resources search box. Select Azure AD Domain Services from the search result. The Azure AD Domain Services page lists your managed domain.
Click the name of the managed domain (for example, 'contoso100.com') to see more details about the domain.
Click Secure LDAP on the navigation pane.
By default, secure LDAP access to your managed domain is disabled. Toggle Secure LDAP to Enable.
By default, secure LDAP access to your managed domain over the internet is disabled. Toggle Allow secure LDAP access over the internet to Enable, if you need to.
When you enable secure LDAP access over the internet, your domain is susceptible to password brute force attacks over the internet. Therefore, we recommend setting up an NSG to lock down access to required source IP address ranges. See the instructions to lock down LDAPS access to your managed domain over the internet.
Click the folder icon following .PFX file with secure LDAP certificate. Specify the path to the PFX file with the certificate for secure LDAP access to the managed domain.
Specify the Password to decrypt .PFX file. Provide the same password you used when exporting the certificate to the PFX file.
When you're done, click the Save button.
You see a notification that informs you secure LDAP is being configured for the managed domain. Until this operation is complete, you can't modify other settings for the domain.
It takes about 10 to 15 minutes to enable secure LDAP for your managed domain. If the provided secure LDAP certificate does not match the required criteria, secure LDAP is not enabled for your directory and you see a failure. For example, the domain name is incorrect, the certificate has already expired or expires soon. In this case, retry with a valid certificate.
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.