What is Active Directory?

Microsoft Active Directory (AD) is a type of external authentication that can provide rich details about authenticated users, including email address, group membership and client certificates.

AD is essentially an extended version of LDAP optimized for Windows environments, but AD is only available from Microsoft. Because AD is built on LDAP, AD (LDAP) connections use TCP port 389 but can (and should) be secured with SSL. When AD (LDAP) is secured in this manner, it typically uses TCP port 636 and is often referred to as “LDAPS”.

BEST PRACTICE: Use SSL secured connections to AD whenever possible; the information these data streams contain should be treated like passwords in transit. Store as much information about the user in AD as your file transfer technology will permit; this will improve your ability to retain centralized control of that data and allow you to easily switch to different file transfer technology if your needs change.
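One way to check that best practice against a file transfer server's configured AD connection strings, as an added example that is not part of the original page. The function names, the `ldap://`/`ldaps://` URL form of the settings, and the sample host names are assumptions made for illustration.

```python
import socket
import ssl
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # TCP ports named above


def audit_ad_url(url):
    """Classify one configured AD/LDAP URL as ok, warn, fail or error."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return "error", "malformed URL or port"
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return "error", "not an ldap:// or ldaps:// URL with a host"
    port = port or DEFAULT_PORTS[scheme]
    if scheme == "ldap":
        return "fail", f"plain LDAP on TCP {port}: not SSL-secured"
    if port == DEFAULT_PORTS["ldap"]:
        return "warn", "ldaps:// aimed at TCP 389, the plain LDAP port"
    return "ok", f"LDAPS on TCP {port}"


def probe_ldaps(host, port=636, timeout=5.0):
    """Handshake with an LDAPS listener, verifying its certificate.

    Returns (protocol version, certificate notAfter). Raises OSError
    (ssl.SSLError included) if the port is closed or validation fails.
    """
    ctx = ssl.create_default_context()  # checks chain and hostname
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.getpeercert()["notAfter"]


# Constructed sample settings; the host names are hypothetical.
SAMPLE_URLS = [
    "ldaps://dc1.corp.example",
    "ldap://dc2.corp.example",
    "ldaps://dc3.corp.example:389",
    "ldap://dc4.corp.example:notaport",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        verdict, reason = audit_ad_url(url)
        print(f"{verdict:5} {url}: {reason}")
```

`audit_ad_url` works offline on the configured strings; `probe_ldaps` needs network access to a domain controller you administer and confirms that the listener on 636 presents a certificate the client trusts.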
