cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1111
Views
0
Helpful
2
Replies

Best LDAP port to use in multiple domains

angfeglandagan
Level 1
Level 1

Hi gurus,

Whats the best port to use if you have multiple domains in a forest..

Im using 389..would 3268 is ok?


please advise..

thank you

2 Replies 2

kluu_ironport
Level 2
Level 2

If you have a global catalog (windows 2000 server and later), then you should use the 3268 port as it's faster.


Here is a good reference on global catalog:

http://technet.microsoft.com/en-us/library/cc728188.aspx

Hi gurus,

Whats the best port to use if you have multiple domains in a forest..

Im using 389..would 3268 is ok?


please advise..

thank you

Also searching using GC will look across all domains - if you are having trouble finding users use the GC port.

More information is found in the KB

"NOTE: If your Active Directory implementation contains subdomains, you will not be able to query for users in a sub domain using the base DN of the root domain. However, when using Active Directory, you may also query LDAP against the Global Catalog (GC) Server on TCP port 3268. The GC contains partial information for *all* objects in the Active Directory forest and provides referrals to the subdomain in question when further information is required. If you cannot "find" users in your subdomains, leave the base DN at the root and change to the GC port." - from the KB