Chapter 15. Changing the LDAP and LDAPS port numbers
By default, Directory Server uses port 389 for the LDAP protocol and, if you enabled it, port 636 for the LDAPS protocol. You can change the port numbers, for example, to run multiple Directory Server instances on one host.
Other services must not use the new ports that you assign to the protocols for an instance.
15.1. Changing the port numbers using the command line
You can change the port numbers of the LDAP and LDAPS protocols using the command line. Changing the LDAP and LDAPS ports requires updating the nsslapd-port and nsslapd-securePort parameters.
Procedure
Optionally: Display the current port numbers for the instance:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config get nsslapd-port nsslapd-securePort
Change the LDAP port:
Set the new port for the LDAP protocol. For example, to set it to 1389, run:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-port=1389
Set the ldap_port_t type for the LDAP port you assigned in the previous step:
# semanage port -a -t ldap_port_t -p tcp 1389
Change the LDAPS port:
Set the new port for the LDAPS protocol. For example, to set it to 1636, run:
# dsconf -D "cn=Directory Manager" ldap://server.example.com config replace nsslapd-securePort=1636
Set the ldap_port_t type for the LDAPS port you assigned in the previous step:
# semanage port -a -t ldap_port_t -p tcp 1636
Restart the instance:
# dsctl instance_name restart
Verification
Verify that Directory Server now uses the new LDAP port:
# dsconf instance_name config get nsslapd-port
Verify that Directory Server now uses the new LDAPS port:
# dsconf instance_name config get nsslapd-securePort
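Added example, not part of the original procedure: a pre-flight check for a candidate port that covers the requirement that no other service uses it and decides whether the semanage step is needed. It parses constructed samples of `semanage port -l` and `ss -Htln` output; the function names are hypothetical, and the `modify` result assumes that `semanage port -a` rejects a port that another type already names exactly, in which case `semanage port -m` is used instead.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check before moving Directory Server to a new port.
# SAMPLE_* texts are constructed; on a real host pipe in `semanage port -l`
# and `ss -Htln` instead. Function names are hypothetical.

# Decide the SELinux step for tcp port $1 from `semanage port -l` text on stdin.
# Prints: none   (ldap_port_t already covers the port),
#         modify (another type names this exact port; assumed to need -m),
#         add    (only broad ranges, or nothing, cover the port).
label_action() {
  awk -v p="$1" '
    $2 == "tcp" {
      list = $0; sub(/^[^ ]+ +tcp +/, "", list)   # keep only the port list
      n = split(list, item, /, */)
      for (i = 1; i <= n; i++) {
        lo = hi = item[i] + 0
        if (split(item[i], r, "-") == 2) { lo = r[1] + 0; hi = r[2] + 0 }
        if (p + 0 < lo || p + 0 > hi) continue
        if ($1 == "ldap_port_t") ldap = 1
        else if (lo == hi) exact = 1
      }
    }
    END { print (ldap ? "none" : (exact ? "modify" : "add")) }'
}

# Succeed if a TCP listener is bound to port $1 (`ss -Htln` text on stdin).
port_in_use() {
  awk -v p="$1" '{ n = split($4, a, ":"); if (a[n] + 0 == p + 0) found = 1 }
                 END { exit !found }'
}

SAMPLE_SEMANAGE='SELinux Port Type              Proto    Port Number

commplex_main_port_t           tcp      5000
ldap_port_t                    tcp      389, 636, 3268, 3269, 7389
ldap_port_t                    udp      389, 636
unreserved_port_t              tcp      61001-65535, 1024-32767'
SAMPLE_SS='LISTEN 0 128 0.0.0.0:389 0.0.0.0:*
LISTEN 0 128 [::]:636 [::]:*'

# Report in-use if something already listens on port $1, else the SELinux step.
preflight() {
  if printf '%s\n' "$SAMPLE_SS" | port_in_use "$1"; then echo "in-use"; return; fi
  printf '%s\n' "$SAMPLE_SEMANAGE" | label_action "$1"
}

for port in 389 1389 1636 5000 7389; do
  printf '%s -> %s\n' "$port" "$(preflight "$port")"
done
```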
Additional resources
- For more details on the nsslapd-securePort parameter, see Description of the nsslapd-securePort parameter
- For more details on the nsslapd-port parameter, see Description of the nsslapd-port parameter
15.2. Changing the port numbers using the web console
You can change the port numbers of the LDAP and LDAPS protocols using the web console.
Prerequisites
- You are logged in to the instance in the web console.
Procedure
Change the LDAP port:
- Open the menu.
- On the Server Setting tab, enter the new port number into the LDAP Port field.
- Click .
Change the LDAPS port:
- Open the menu.
- On the General Settings tab, enter the new port number into the LDAPS Port field.
- Click .
- Restart the instance by clicking Restart Instance. and selecting
Verification
- Verify in the server settings that the changed port is reflected.
Additional resources
- For more details on restarting the instance, see Starting and Stopping a Directory Server instance using the web console
- For more information on logging into Directory Server using web console, see Logging into Directory Server using web console