The Active Directory connector is a Windows Agentless connector with the "Is Active Directory" switch enabled. During our research, we found that the connector still uses port 389. We have a new policy to stop using port 389 and only use TLS 1.2 connections directly. Is there a way to enable this connector to use port 636 with TLS 1.2 encryption?
Environment
Release: Component: SEOSWG
Resolution
For an endpoint where 'Is Active Directory' is checked, AccountManager (running under AgentManager) uses the ADSI API to work with user accounts. It uses the ADS_SECURE_AUTHENTICATION flag, which means Active Directory uses Kerberos authentication, not TLS.