12-30-2016 07:41 AM
I am requesting a feature enhancement to ISE 2.1:
We are currently using Active Directory as an external identity source, however, all queries are over default TCP/389. We would like to continue using Active Directory as the external identity source, but over the secure LDAP, TCP/636
Is this possible? There is an external identity source available for LDAPS, but carries additional administration overhead. The Active Directory plugin integrates well.
Solved! Go to Solution.
12-30-2016 02:34 PM
When ISE communicates with Microsoft Active Directory using ISE AD runtime agent (via AD join points), it encrypts the connections even though using TCP/389, and this is not configurable.
ISE may also connect to AD using LDAP protocol (via LDAP connector or LDAP ID source), where you have the option to use LDAPS.
12-30-2016 02:34 PM
When ISE communicates with Microsoft Active Directory using ISE AD runtime agent (via AD join points), it encrypts the connections even though using TCP/389, and this is not configurable.
ISE may also connect to AD using LDAP protocol (via LDAP connector or LDAP ID source), where you have the option to use LDAPS.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: