title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.service | ms.component | ms.workload | ms.tgt_pltfrm | ms.devlang | ms.topic | ms.date | ms.author |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Configure DNS to access a managed domain using LDAPS over the internet \| Microsoft Docs | Configure DNS to access an Azure AD Domain Services managed domain using LDAPS over the internet | active-directory-ds | | eringreenlee | mtillman | curtand | a47f0f3e-2578-422a-a421-034f66de38f5 | active-directory | domain-services | identity | na | na | conceptual | 08/01/2018 | ergreenl |
Complete Task 3: enable secure LDAP for the managed domain using the Azure portal
Tip
Optional task - If you do not plan to access the managed domain using LDAPS over the internet, skip this configuration task.
Before you begin this task, complete the steps outlined in Task 3.
After you enable secure LDAP access over the internet, update DNS so that client computers can find the managed domain. The external IP address is displayed on the Properties tab, under EXTERNAL IP ADDRESS FOR LDAPS ACCESS.
Configure your external DNS provider so that the DNS name of the managed domain (for example, 'ldaps.contoso100.com') points to this external IP address. For example, create the following DNS entry:
ldaps.contoso100.com -> 52.165.38.113
That's it! You're now ready to connect to the managed domain using secure LDAP over the internet.
Warning
Remember that client computers must trust the issuer of the LDAPS certificate to be able to connect successfully to the managed domain using LDAPS. If you are using a publicly trusted certification authority, you do not need to do anything since client computers trust these certificate issuers. If you are using a self-signed certificate, install the public part of the self-signed certificate into the trusted certificate store on the client computer.
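A client-side check of the two requirements above (the DNS record and trust in the LDAPS certificate), written as an added Python example that is not part of the original article. The host name and IP address are the article's example values; the function names and the optional ca_file parameter (a PEM export of the public part of a self-signed certificate) are assumptions made for illustration.

```python
import socket
import ssl

LDAPS_PORT = 636

def resolve_ipv4(name, resolver=socket.getaddrinfo):
    """Return the sorted, de-duplicated IPv4 addresses this client resolves."""
    infos = resolver(name, LDAPS_PORT, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def check_dns(name, expected_ip, resolver=socket.getaddrinfo):
    """Return ('ok' | 'mismatch' | 'unresolved', addresses).

    'mismatch' also covers a stale extra record left beside the right one.
    """
    try:
        addrs = resolve_ipv4(name, resolver)
    except socket.gaierror:
        return "unresolved", []
    return ("ok" if addrs == [expected_ip] else "mismatch"), addrs

def build_tls_context(ca_file=None):
    """Client context that enforces chain and host name validation.

    ca_file=None uses the system trust store (publicly trusted CA).
    With ca_file set, only that certificate is trusted (self-signed case).
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

def check_ldaps_tls(name, ca_file=None, timeout=5.0):
    """Attempt a TLS handshake on port 636; return (trusted, detail)."""
    ctx = build_tls_context(ca_file)
    try:
        with socket.create_connection((name, LDAPS_PORT), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=name) as tls:
                return True, tls.version()
    except ssl.SSLCertVerificationError as exc:
        return False, "issuer not trusted or name mismatch: " + exc.verify_message
    except OSError as exc:
        return False, "connection failed: " + str(exc)

if __name__ == "__main__":
    host, ip = "ldaps.contoso100.com", "52.165.38.113"  # example values from the article
    print(check_dns(host, ip))
    print(check_ldaps_tls(host))  # pass ca_file="ldaps.pem" (hypothetical path) if self-signed
```

A False result from check_ldaps_tls with a verification message means the client does not yet trust the certificate issuer or the certificate does not cover the DNS name; the check never falls back to an unverified connection.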
Task 5: bind to the managed domain and lock down secure LDAP access