12-30-2016 07:41 AM
I am requesting a feature enhancement to ISE 2.1:
We are currently using Active Directory as an external identity source, however, all queries are over default TCP/389. We would like to continue using Active Directory as the external identity source, but over the secure LDAP, TCP/636
Is this possible? There is an external identity source available for LDAPS, but carries additional administration overhead. The Active Directory plugin integrates well.
Solved! Go to Solution.
12-30-2016 02:34 PM
When ISE communicates with Microsoft Active Directory using ISE AD runtime agent (via AD join points), it encrypts the connections even though using TCP/389, and this is not configurable.
ISE may also connect to AD using LDAP protocol (via LDAP connector or LDAP ID source), where you have the option to use LDAPS.
12-30-2016 02:34 PM
When ISE communicates with Microsoft Active Directory using ISE AD runtime agent (via AD join points), it encrypts the connections even though using TCP/389, and this is not configurable.
ISE may also connect to AD using LDAP protocol (via LDAP connector or LDAP ID source), where you have the option to use LDAPS.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide