diff --git a/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
index 316839b9ca..7f80ed4b2b 100644
--- a/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/LdapBeanDefinitionParser.java
@@ -49,6 +49,10 @@ public class LdapBeanDefinitionParser extends AbstractBeanDefinitionParser {
      */
     public static final String LDIF_FILE_ATTRIBUTE = "ldif";
 
+    /** Defines the port the LDAP server should run on */
+    public static final String PORT_ATTRIBUTE = "port";
+    public static final String DEFAULT_LDAP_PORT = "33389";
+
     // Defaults
     private static final String DEFAULT_ROOT_SUFFIX = "dc=springframework,dc=org";
     private static final String DEFAULT_PROVIDER_BEAN_ID = "_ldapAuthenticationProvider";
@@ -146,15 +150,20 @@ public class LdapBeanDefinitionParser extends AbstractBeanDefinitionParser {
             partition.setSuffix(suffix);
         } catch (NamingException e) {
             // TODO: What exception should we be throwing here ?
-
-            logger.error("Failed to set root name suffix to " + suffix, e);
+            parserContext.getReaderContext().error("Failed to set root name suffix to " + suffix, element, e);
         }
 
         HashSet partitions = new HashSet(1);
         partitions.add(partition);
 
-        //TODO: Allow port configuration
-        configuration.setLdapPort(3389);
+        String port = element.getAttribute(PORT_ATTRIBUTE);
+
+        if (!StringUtils.hasText(port)) {
+            port = DEFAULT_LDAP_PORT;
+        }
+
+        configuration.setLdapPort(Integer.parseInt(port));
+
         // We shut down the server ourself when the app context is closed so we don't need
         // the extra shutdown hook from apache DS itself.
         configuration.setShutdownHookEnabled(false);
@@ -162,7 +171,8 @@ public class LdapBeanDefinitionParser extends AbstractBeanDefinitionParser {
         configuration.setContextPartitionConfigurations(partitions);
 
         RootBeanDefinition initialDirContextFactory = new RootBeanDefinition(DefaultInitialDirContextFactory.class);
-        initialDirContextFactory.getConstructorArgumentValues().addIndexedArgumentValue(0, "ldap://127.0.0.1:3389/" + suffix);
+        initialDirContextFactory.getConstructorArgumentValues().addIndexedArgumentValue(0,
+                "ldap://127.0.0.1:" + port + "/" + suffix);
 
         initialDirContextFactory.getPropertyValues().addPropertyValue("managerDn", "uid=admin,ou=system");
         initialDirContextFactory.getPropertyValues().addPropertyValue("managerPassword", "secret");
@@ -172,8 +182,8 @@ public class LdapBeanDefinitionParser extends AbstractBeanDefinitionParser {
         apacheDSStartStop.getConstructorArgumentValues().addGenericArgumentValue(initialDirContextFactory);
 
         if (parserContext.getRegistry().containsBeanDefinition("_apacheDSStartStopBean")) {
-            //TODO: Appropriate exception
-            throw new IllegalArgumentException("Only one embedded server bean is allowed per application context");
+            parserContext.getReaderContext().error("Only one embedded server bean is allowed per application context",
+                    element);
         }
 
         parserContext.getRegistry().registerBeanDefinition("_apacheDSStartStopBean", apacheDSStartStop);
diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
index d9aa294a82..69ba62e11d 100644
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
@@ -6,11 +6,21 @@ datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes"
 
 default namespace = "http://www.springframework.org/schema/security"
 
+start = http | ldap
+
 # targetNamespace="http://www.springframework.org/schema/security"
 
 path-type =
     ## Defines the type types of pattern used to specify URL paths. Defaults to "ant"
     [ a:defaultValue = "ant" ] attribute pathType {"regex" | "ant"}
+    
+port =
+    ## Specifies an IP port number. Used to configure an embedded LDAP server, for example. 
+    attribute port { xsd:integer } 
+    
+url =
+    ## Specifies a URL.
+    attribute url { xsd:string }
 
 autoconfig = 
     ## Provides automatic security configration for a application
@@ -21,10 +31,12 @@ ldap =
     ## Sets up an ldap authentication provider, optionally with an embedded ldap server
     element ldap {ldap.attlist, empty}
 ldap.attlist &=
-    ## Specifies the ldap server Url. If omitted, an embedded server will be created    
-    attribute url { xsd:string }?
+    ## The url indicates the server location. If omitted, an embedded server will be 
+    ## started, optionally with the configured port number.
+    (url | port)?
+        
 ldap.attlist &=
-    ## Explicitly specify an ldif file resource to load 
+    ## Explicitly specify an ldif file resource to load into the embedded server
     [ a:defaultValue = "classpath:*.ldif" ] attribute ldif { xsd:string }?
 
 intercept-methods = 
diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
index 86e2654988..e20053556a 100644
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
@@ -14,6 +14,20 @@
       </xs:simpleType>
     </xs:attribute>
   </xs:attributeGroup>
+  <xs:attributeGroup name="port">
+    <xs:attribute name="port" use="required" type="xs:integer">
+      <xs:annotation>
+        <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server, for example. </xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
+  <xs:attributeGroup name="url">
+    <xs:attribute name="url" use="required" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>Specifies a URL.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
   <xs:element name="autoconfig">
     <xs:annotation>
       <xs:documentation>Provides automatic security configration for a application</xs:documentation>
@@ -31,12 +45,17 @@
   <xs:attributeGroup name="ldap.attlist">
     <xs:attribute name="url" type="xs:string">
       <xs:annotation>
-        <xs:documentation>Specifies the ldap server Url. If omitted, an embedded server will be created    </xs:documentation>
+        <xs:documentation>Specifies a URL.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+    <xs:attribute name="port" type="xs:integer">
+      <xs:annotation>
+        <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server, for example. </xs:documentation>
       </xs:annotation>
     </xs:attribute>
     <xs:attribute name="ldif" default="classpath:*.ldif" type="xs:string">
       <xs:annotation>
-        <xs:documentation>Explicitly specify an ldif file resource to load </xs:documentation>
+        <xs:documentation>Explicitly specify an ldif file resource to load into the embedded server</xs:documentation>
       </xs:annotation>
     </xs:attribute>
   </xs:attributeGroup>
diff --git a/core/src/test/resources/org/springframework/security/ldap/ldapIntegrationTestContext.xml b/core/src/test/resources/org/springframework/security/ldap/ldapIntegrationTestContext.xml
index f904fe92e0..6103b0e9dc 100644
--- a/core/src/test/resources/org/springframework/security/ldap/ldapIntegrationTestContext.xml
+++ b/core/src/test/resources/org/springframework/security/ldap/ldapIntegrationTestContext.xml
@@ -5,12 +5,12 @@
     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
     http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
 
-    <security:ldap ldif="classpath:test-server.ldif"/>
+    <security:ldap port="53389" ldif="classpath:test-server.ldif"/>
 
     <!--<import resource="classpath:/org/springframework/security/ldap/apacheDsContext.xml"/>-->
 
     <bean id="initialDirContextFactory" class="org.springframework.security.ldap.DefaultInitialDirContextFactory" >
-        <constructor-arg value="ldap://127.0.0.1:3389/dc=springframework,dc=org"/>
+        <constructor-arg value="ldap://127.0.0.1:53389/dc=springframework,dc=org"/>
         <property name="useLdapContext" value="true"/>
         <property name="dirObjectFactory" value="org.springframework.ldap.core.support.DefaultDirObjectFactory" />
 	</bean>