Paul, could you elaborate a bit on which API call is failing?
Since you mention you successfully imported the trusted root CA cert into
the server running AD, are you trying to make an SSL connection on port 636?
If so you need to install a server certificate from the CA as well as the
trusted root CA. Information on how to get a server certificate for your DC
through Microsoft Certificate Services and the characteristics you need to
request if getting a server cert from a third party CA is described in the
/establishing_a_session_over_ssl.asp. The client needs the trusted CA
certificate and the server requires the server certificate and the trusted

As a smoke test you can try using the telnet client from the Linux box to
see if you can reach the server. Specify 389 as the port for non-SSL LDAP,
or 636 for SSL. If you are able to connect then the server is up,
reachable, and listening. Often an ldapsearch tool is shipped that may also
help as it will be able to send LDAP requests to the server which you can't
do easily through telnet.

Note that if you are going to be using LDAP simple binds you should be using
SSL to maintain the privacy of your password information.
This posting is provided "AS IS" with no warranties, and confers no rights.

> I am using the Novell LDAP SDK to bind to an Active Directory Server
> from a Linux box.
> When I attempt to bind to the server I receive the following error:
> I have successfully imported the trusted root CA into the Windows 2000
> Advanced Server box which is running Active Directory.
> Any help on why this is so I would appreciate.
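
The certificate split described in the reply (server certificate on the DC, trusted CA certificate on the client) can be checked from the Linux side with `openssl s_client`. This is an added example, not part of the original posts; the host name, CA file path and sample outputs are constructed placeholders.

```shell
#!/bin/sh
# Added example: work out which side of an LDAPS (port 636) setup is
# missing a certificate. Host and CA file are supplied by the caller.

# Read `openssl s_client` output on stdin and name the likely gap.
classify_ldaps() {
    out=$(cat)
    case $out in
        *"no peer certificate available"*)
            # Must be tested first: s_client still prints
            # "Verify return code: 0 (ok)" when no certificate was sent.
            echo "server-cert-missing" ;;
        *"Verify return code: 0 (ok)"*)
            echo "ok" ;;
        *"Verify return code: 19 "*|*"Verify return code: 20 "*|*"Verify return code: 21 "*)
            # The chain does not end in a CA that the client trusts.
            echo "client-ca-missing" ;;
        *)
            echo "unknown" ;;
    esac
}

# Live check: TLS handshake with the DC, verified against the CA file.
check_ldaps() {
    host=$1; cafile=$2
    openssl s_client -connect "$host:636" -CAfile "$cafile" </dev/null 2>&1 \
        | classify_ldaps
}

# Constructed, abbreviated s_client outputs for offline use.
SAMPLE_OK='Server certificate
subject=CN = dc1.example.test
Verify return code: 0 (ok)'
SAMPLE_NO_CA='Server certificate
subject=CN = dc1.example.test
Verify return code: 20 (unable to get local issuer certificate)'
SAMPLE_NO_CERT='CONNECTED(00000003)
no peer certificate available
Verify return code: 0 (ok)'

# Usage: sh check_ldaps.sh <dc-host> <ca-file.pem>
if [ "$#" -ge 2 ]; then
    check_ldaps "$1" "$2"
fi
```

A result of `server-cert-missing` points at the DC lacking a server certificate, while `client-ca-missing` points at the Linux client not trusting the issuing CA.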