diff --git a/config-templates/authsources.php b/config-templates/authsources.php
index e077d2f3689e5c9ca7fee091d1e8a6724c88c0d2..2865d345395430a8771a8e04367dd724138b6973 100644
--- a/config-templates/authsources.php
+++ b/config-templates/authsources.php
@@ -276,6 +276,10 @@ $config = array(
         // The default is 0, which means no timeout.
         'timeout' => 0,
 
+        // The port used when accessing the LDAP server.
+        // The default is 389.
+        'port' => 389,
+
         // Set whether to follow referrals. AD Controllers may require FALSE to function.
         'referrals' => TRUE,
 
diff --git a/lib/SimpleSAML/Auth/LDAP.php b/lib/SimpleSAML/Auth/LDAP.php
index 50cd5da528cbe439be0e8fa9f87bacbef9ff4ab8..db95377c41a98c0abd9d32a9f75ae959112cc274 100644
--- a/lib/SimpleSAML/Auth/LDAP.php
+++ b/lib/SimpleSAML/Auth/LDAP.php
@@ -100,7 +100,7 @@ class SimpleSAML_Auth_LDAP {
 		}
 
 		// Enable TLS, if needed.
-		if (!preg_match("/ldaps:/i", $hostname) and $enable_tls)
+		if (stripos($hostname, "ldaps:") === FALSE and $enable_tls)
 			if (!@ldap_start_tls($this->ldap))
 				throw $this->makeException('Library - LDAP __construct(): Unable to force TLS', ERR_INTERNAL);
 
diff --git a/modules/ldap/lib/ConfigHelper.php b/modules/ldap/lib/ConfigHelper.php
index 8f8f4d539df4f5bb04339961f943a605bb9093e3..d5d271b070996c4be91b92f82844444483783834 100644
--- a/modules/ldap/lib/ConfigHelper.php
+++ b/modules/ldap/lib/ConfigHelper.php
@@ -45,6 +45,13 @@ class sspmod_ldap_ConfigHelper {
 	 */
 	private $timeout;
 
+	/**
+	 * The port used when accessing the LDAP server.
+	 *
+	 * @var int
+	 */
+	private $port;
+
 	/**
 	 * Whether to follow referrals
 	 */
@@ -130,6 +137,7 @@ class sspmod_ldap_ConfigHelper {
 		$this->enableTLS = $config->getBoolean('enable_tls', FALSE);
 		$this->debug = $config->getBoolean('debug', FALSE);
 		$this->timeout = $config->getInteger('timeout', 0);
+		$this->port = $config->getInteger('port', 389);
 		$this->referrals = $config->getBoolean('referrals', TRUE);
 		$this->searchEnable = $config->getBoolean('search.enable', FALSE);
 		$this->privRead = $config->getBoolean('priv.read', FALSE);
@@ -177,7 +185,7 @@ class sspmod_ldap_ConfigHelper {
 			throw new SimpleSAML_Error_Error('WRONGUSERPASS');
 		}
 
-		$ldap = new SimpleSAML_Auth_LDAP($this->hostname, $this->enableTLS, $this->debug, $this->timeout, 389, $this->referrals);
+		$ldap = new SimpleSAML_Auth_LDAP($this->hostname, $this->enableTLS, $this->debug, $this->timeout, $this->port, $this->referrals);
 
 		if (!$this->searchEnable) {
 			$ldapusername = addcslashes($username, ',+"\\<>;*');
@@ -245,7 +253,7 @@ class sspmod_ldap_ConfigHelper {
 			$this->enableTLS,
 			$this->debug,
 			$this->timeout,
-			389,
+			$this->port,
 			$this->referrals);
 
 		if ($attribute == NULL)
@@ -269,7 +277,7 @@ class sspmod_ldap_ConfigHelper {
 			$this->enableTLS,
 			$this->debug,
 			$this->timeout,
-			389,
+			$this->port,
 			$this->referrals);
 
 		/* Are privs needed to get the attributes? */