Does ActiveADAPTER support SSL connections to Active Directory?

ActiveADAPTER allows you to use SSL for Active Directory communications if your Active Directory infrastructure is configured to support it (refer to your Microsoft documentation on how to enable SSL).

To use SSL with ActiveADAPTER, you must specify a server or domain name in your WhereToBind or container value and add your SSL port (normally 636). For example, to target the test.com domain via SSL on server testDC1 you might use:

LDAP://testDC1:636/OU=Accounting,DC=test,DC=com

It is also possible to use a domain name for serverless binding if your SSL configuration supports it. For example:

LDAP://test.com:636/OU=Accounting,DC=test,DC=com

Important notes

Do not use “LDAPS” in your strings. This is a convention not used in Microsoft’s Active Directory implementation and may cause an exception.

Note that using SSL may increase load on your Active Directory infrastructure. Our recommendation is to only use SSL where a clear business case exists.

If SSL is critical to your Active Directory solution, always perform an audit of your Active Directory configuration and inspect network traffic to confirm encryption before production use.

FAQs
Can I use the ActiveADAPTER Send Adapter with dynamic send ports?

Yes. The Send Adapter is fully compatible with dynamic ports.

A sample orchestration showing the use of ActiveADAPTER with dynamic send ports is included in the ActiveADAPTER\Samples folder.

See the entire answer

What is an example of how and why I might use ActiveADAPTER?

Here is an example of one of dozens of high ROI BizTalk applications you can build with ActiveADAPTER.

Suppose Jane is a new hire in your organization.

At the end of the hiring process, HR notify IT operations of Jane's start date. A member of IT Operations (with no Active Directory knowledge) goes to your Service Desk system, raises a new ticket, and completes a simple form about Jane's role in your organisation.

From the information entered, the Service Desk system creates an xml file and submits it to BizTalk. BizTalk uses the information in the message and ActiveADAPTER to:

  • create Jane's Active Directory account
  • synchronize Jane's Active Directory telephone numbers, office location, and Manager's name from the information in HR system entered during the recruitment process
  • set a first-use password for Jane and specify that it must be changed on first logon
  • grant Jane access to the resources she will need by placing her in a number of security groups

On Jane's first day BizTalk uses ActiveADAPTER to enable Jane's account and emails the first-use password to her Manager at 8am.

On arrival, Jane is given her first-use password and logs on with access to everything she needs.

See the entire answer

Can ActiveADAPTER help me retrieve information from Active Directory?

Yes. The Active Directory Receive Adapter can be used to create a Receive Location that queries Active Directory at regular intervals and submit the results to your BizTalk application. A message can be submitted to BizTalk at every polling interval, or only when a change occurs in the query results (this is the "On Change Only" option on the Active Directory Receive Adapter property configuration).

In addition, the Active Directory Send Adapter can be used with a Solicit-Response Send Port to perform an on-demand query. You just send your query parameters to the send port in a message that conforms to the supplied schema, and receive your results back in a new message.

See the entire answer