DetailPage-MSS-KB

Microsoft small business knowledge base

Article ID: 254610 - Last Review: February 28, 2007 - Revision: 3.2

This article was previously published under Q254610

SYMPTOMS

When you attempt to perform Active Directory LDAP queries using a secure connection (SSL), you may receive the following error message:
There are no entries in the directory service that match your search criteria.
Also, the following error message may be added to the System Event Log:


Type: Error
Event ID: 36876
Category: None

The certificate received from the remote server has not validated correctly. The error code is 0x80090322. The SSL connection has failed. The attached data contains the server certificate.

CAUSE

This issue can occur if the Active Directory Account Properties are missing or incorrectly configured.

RESOLUTION

To resolve this issue, view and correct the Active Directory properties:
  1. Click Start, point to Programs, point to Accessories, and then click Address Book.
  2. On the Tools menu, click Accounts.
  3. Click Active Directory, and then click Properties.
  4. In the Server name box, type the fully qualified name for the computer that contains the Active Directory. For example, type the name using the following syntax
    computername.domain.com
    where computername is the name of your computer, domain is the name of your domain, and com is the extenstion of your domain.
    If the server requires you to log on, click to select the This server requires me to log on check box, and then type the account name and password in the Account name and Password boxes.
  5. On the Advanced tab, click the This server requires a secure connection (SSL) check box to enable secure LDAP queries.

    NOTE: SSL communications use port 636.
  6. In the Search base box, type the domain name and extension using the following syntax:
    DC=domain,DC=com
  7. Click OK to apply the changes.

MORE INFORMATION

For additional information about configuring clients for Active Directory searches, click the article number below to view the article in the Microsoft Knowledge Base:
238007  (http://support.microsoft.com/kb/238007/EN-US/ ) How to Configure Address Book to Query Users in Active Directory


For additional information about how to enable Secure Socket Layer (SSL) communication over LDAP, click the article number below to view the article in the Microsoft Knowledge Base:
247078  (http://support.microsoft.com/kb/247078/EN-US/ ) How To Enable Secure Socket Layer (SSL) Communication Over LDAP

APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
Keywords: 
kbenv kberrmsg kbnetwork kbprb KB254610
Share
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support