LDAP servers are usually configured for both plain text (unencrypted) and secured (encrypted) communication. Conventionally, port 389 is dedicated to plain requests and port 636 is dedicated to secured requests. The StartTLS extension allows an application to make both plain text and secured requests on a single port that is normally used for plain text communications. Using StartTLS avoids the need for a dedicated secured port.
You can configure PowerExchange to use the StartTLS extension with any of the three levels of LDAP security.
To enable use of the StartTLS extension, incude the START_TLS=Y parameter in the LDAP_TLS or LDAP_OPENSSL statement in the DBMOVER configuration file. Also, change any port settings to use the plain text port.