OneLogin - Using ADC secure port 636 (4383139)

Feedback submitted.

Did this article solve an issue for you?

[Select Rating]

Title

OneLogin - Using ADC secure port 636
Description

Looking for information on how to force the Active Directory Connector to communicate over port 636 instead of port 389.
Cause

The connector always connects to the Active Directory domain controller over port 389, there is no visible option to use port 636 instead.
Resolution

The AD connector communicates with the domain controller via port 389, port 636 cannot be manually forced for this specific connection.

Although port 389 is utilized, the connector uses a secure authentication method through the .NET framework rather than sending usernames and passwords in clear text.

You can verify the traffic with a Network Capture Tool using a tool like Wireshark to monitor traffic between the connector and the domain controller to confirm that authentication is not occurring via a simple clear-text bind.

You may also review the following Microsoft article which explains AD will reject insecure LDAP binds:

https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/enable-ldap-signing-in-windows-server
Additional Information

The connector uses the Microsoft .NET framework to communicate with the domain controller. The framework handles the underlying communication method. Unlike another connector type mentioned in the source content, this connector does not make direct LDAP calls to the domain controller.

Feedback submitted.

Did this article solve an issue for you?

[Select Rating]

Share your favorite Support content with a friend.

Email To
Email From
Subject	Information from Support
Message	You might be interested in the following information For more information regarding support on your Product, please visit www.software.dell.com/support

Title