Does ActiveADAPTER support SSL connections to Active Directory?

ActiveADAPTER allows you to use SSL for Active Directory communications if your Active Directory infrastructure is configured to support it (refer to your Microsoft documentation on how to enable SSL).

To use SSL with ActiveADAPTER, you must specify a server or domain name in your WhereToBind or container value and add your SSL port (normally 636). For example, to target the test.com domain via SSL on server testDC1 you might use:

LDAP://testDC1:636/OU=Accounting,DC=test,DC=com

It is also possible to use a domain name for serverless binding if your SSL configuration supports it. For example:

LDAP://test.com:636/OU=Accounting,DC=test,DC=com

Important notes

Do not use “LDAPS” in your strings. This is a convention not used in Microsoft’s Active Directory implementation and may cause an exception.

Note that using SSL may increase load on your Active Directory infrastructure. Our recommendation is to only use SSL where a clear business case exists.

If SSL is critical to your Active Directory solution, always perform an audit of your Active Directory configuration and inspect network traffic to confirm encryption before production use.

FAQs
What Can I Do With ActiveADAPTER?

Here is an example of one of dozens of high ROI BizTalk applications you can build with ActiveADAPTER.

Suppose Jane is a new hire in your organization.

At the end of the hiring process, HR notify IT operations of Jane's start date. A member of IT Operations (with no Active Directory knowledge) goes to your Service Desk system, raises a new ticket, and completes a simple form about Jane's role in your organisation.

From the information entered, the Service Desk system creates an xml file and submits it to BizTalk. BizTalk uses the information in the message and ActiveADAPTER to:

  • create Jane's Active Directory account
  • synchronize Jane's Active Directory telephone numbers, office location, and Manager's name from the information in HR system entered during the recruitment process
  • set a first-use password for Jane and specify that it must be changed on first logon
  • grant Jane access to the resources she will need by placing her in a number of security groups

On Jane's first day BizTalk uses ActiveADAPTER to enable Jane's account and emails the first-use password to her Manager at 8am.

On arrival, Jane is given her first-use password and logs on with access to everything she needs.

See the entire answer

What versions of Microsoft BizTalk Server does ActiveADAPTER support?

Microsoft BizTalk Server 2013 R2 to 2020.

We also have legacy versions back to 2006 R2.

See the entire answer

My Solicit-Response Send Port Query Is Only Returning 1000 Results

Try adding the setting PageSize="1000" to your query parameters. For example:

<ActiveDirectoryQuery><Directives WhereToBind="LDAP://CN=Users, DC=test, DC=com" Filter="(objectCategory=user)" SearchScope="onelevel" PropertiesToReturn="cn" PageSize="1000"/></ActiveDirectoryQuery>

By default Active Directory only allows for a single page of 1000 results. By explicitly setting this value multiple pages (and hence all results) are returned.

See the entire answer