Chapter 15. Changing the LDAP and LDAPS port numbers
By default, Directory Server uses port 389 for the LDAP protocol and, if you enabled it, port 636 for the LDAPS protocol. You can change the port numbers, for example, to run multiple Directory Server instances on one host.
Other services must not use the new ports that you assign to the protocols for an instance.
15.1. Changing the port numbers using the command line
You can change the port numbers of the LDAP and LDAPS protocols using the command line. Changing the LDAP and LDAPS ports requires updating the nsslapd-port and nsslapd-securePort parameters.
Procedure
Optionally: Display the current port numbers for the instance:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config get nsslapd-port nsslapd-securePort
Change the LDAP port:
- Set the new port for the LDAP protocol. For example, to set it to 1389, run:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-port=1389
- Set the ldap_port_t type for the LDAP port you assigned in the previous step:
# semanage port -a -t ldap_port_t -p tcp 1389
Change the LDAPS port:
- Set the new port for the LDAPS protocol. For example, to set it to 1636, run:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-securePort=1636
- Set the ldap_port_t type for the LDAPS port you assigned in the previous step:
# semanage port -a -t ldap_port_t -p tcp 1636
Restart the instance:
# dsctl instance_name restart
Verification
Verify that Directory Server now uses the new LDAP port:
# dsconf instance_name config get nsslapd-port
Verify that Directory Server now uses the new LDAPS port:
# dsconf instance_name config get nsslapd-securePort
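Added example (not part of the original documentation): a pre-flight check to run before the procedure above. It covers the two conditions the procedure depends on: no other service listens on the new port, and the port carries the ldap_port_t SELinux type. The sample command output is constructed, and the function names and the SS_CMD and SEMANAGE_CMD variables are assumptions of this example.

```shell
# Added example: pre-flight checks for a candidate Directory Server port.
# Constructed sample of `ss -tln` output (not captured from a real host).
sample_ss() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      128                *:389             *:*
LISTEN 0      128             [::]:8443         [::]:*
EOF
}
# Constructed sample of `semanage port -l` output.
sample_semanage() {
cat <<'EOF'
SELinux Port Type              Proto    Port Number
http_port_t                    tcp      80, 443, 8443
ldap_port_t                    tcp      389, 636, 3268-3269
ldap_port_t                    udp      389, 636
unreserved_port_t              tcp      1024-32767
EOF
}

# port_in_use PORT: reads `ss -tln` output on stdin; succeeds if a socket listens on PORT.
port_in_use() {
    awk -v p="$1" '{ n = split($4, a, ":"); if (a[n] == p) found = 1 }
                   END { exit !found }'
}

# selinux_port_types PORT: reads `semanage port -l` on stdin; prints each tcp type covering PORT.
selinux_port_types() {
    awk -v p="$1" '$2 == "tcp" {
        list = $0; sub(/^[^ ]+ +tcp +/, "", list)   # keep only the port list
        n = split(list, items, /, */)
        for (i = 1; i <= n; i++) {                  # entries are single ports or lo-hi ranges
            m = split(items[i], r, "-"); lo = r[1] + 0; hi = (m == 2 ? r[2] : r[1]) + 0
            if (p + 0 >= lo && p + 0 <= hi) { print $1; break }
        }
    }'
}

# preflight PORT: prints "in-use", "needs-label" or "ok". SS_CMD and SEMANAGE_CMD (hypothetical)
# default to the samples; on a real host set SS_CMD="ss -tln" SEMANAGE_CMD="semanage port -l".
preflight() {
    if ${SS_CMD:-sample_ss} | port_in_use "$1"; then echo "in-use"
    elif ${SEMANAGE_CMD:-sample_semanage} | selinux_port_types "$1" | grep -qx ldap_port_t; then echo "ok"
    else echo "needs-label"
    fi
}

for p in 389 1389 3269; do echo "$p: $(preflight "$p")"; done
```

A result of needs-label means the port is free but still needs the semanage step from the procedure; a port that falls only inside a broad range such as unreserved_port_t is reported this way.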
15.2. Changing the port numbers using the web console
You can change the port numbers of the LDAP and LDAPS protocols using the web console.
Prerequisites
- You are logged in to the instance in the web console.
Procedure
Change the LDAP port:
- Open the menu.
- On the Server Setting tab, enter the new port number into the LDAP Port field.
- Click .
Change the LDAPS port:
- Open the menu.
- On the General Settings tab, enter the new port number into the LDAPS Port field.
- Click .
- Restart the instance by clicking Restart Instance. and selecting
Verification
- Verify in the server setting that the changed port is reflected.