Windows 2000 DCs use Lightweight Directory Access Protocol (LDAP) port 389 to communicate with the AD. Port 389 is used for client queries and administrative tasks. If your Windows 2000 DC is running Exchange Server, you must make some changes, as Exchange Server uses LDAP port 389.
If you do NOT make changes, there WILL BE mis-communication between data directed to the AD and data directed to the Exchange Directory store. Your Application event log may also contain:

Event ID: 1306
Type: Error
Source: MSExchangeDS
Description: Register LDAP protocol failed with error 10048. If port number 389 is used by another application, change to an unused port, then shut down and restart Microsoft Exchange Directory Services. Contact Microsoft Support Service if condition persists.

Event ID: 1309
Type: Error
Source: MSExchangeDS
Description: Register LDAP SSL protocol failed with error 10048. The LDAP SSL server is not available. Make sure port number 636 is not used by another application.

Both products also use LDAP port 636 for secure data transmission, so this must also be changed.
You can modify Exchange LDAP to listen on different ports, so that 389 and 636 are available for AD.
See Microsoft Knowledge Base article Q224447 - How To Change LDAP Port Assignments in Exchange Server.
NOTE: Exchange does NOT have to be modified for:
LDAP port for Global Catalog: 3268
LDAP port for Global Catalog with SSL: 3269.
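
Error 10048 in events 1306 and 1309 is the Winsock "address already in use" code (WSAEADDRINUSE): the port was already bound when Exchange tried to register it. The following Python check is an added example, not part of the original tip or of any Microsoft tool; it tests the four ports named above by attempting a local bind, and the function names and status strings are assumptions made for illustration.

```python
import errno
import socket

# Ports named in the tip: the two contended ones plus the Global Catalog pair.
LDAP_PORTS = {
    389: "LDAP",
    636: "LDAP over SSL",
    3268: "Global Catalog",
    3269: "Global Catalog over SSL",
}

# Winsock codes: 10048 is WSAEADDRINUSE (the error in events 1306 and 1309),
# 10013 is WSAEACCES.
IN_USE = {errno.EADDRINUSE, 10048}
DENIED = {errno.EACCES, 10013}


def port_status(port, host="0.0.0.0"):
    """Try to bind a TCP port locally; return 'free', 'in use' or 'denied'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        return "free"
    except OSError as exc:
        code = getattr(exc, "winerror", None) or exc.errno
        if code in IN_USE:
            return "in use"
        if code in DENIED:
            return "denied"  # not privileged to bind; says nothing about a listener
        raise
    finally:
        sock.close()


def ldap_port_report(host="0.0.0.0"):
    """Map each port from the tip to (service label, bind status)."""
    return {port: (label, port_status(port, host)) for port, label in LDAP_PORTS.items()}


if __name__ == "__main__":
    for port, (label, status) in sorted(ldap_port_report().items()):
        print(f"{port:>5}  {label:<24} {status}")
```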