How to Change the Active Directory port for Privileged Identity Manager


Article ID: 190536



CA Privileged Identity Management Endpoint (PIM)


To change the port that PIM Enterprise Management uses to bind to and search Active Directory, follow these steps.


  1. If it is disabled, enable the Management Console.
  2. Open the Management Console, click Directories, then click ac-dir.
  3. At the bottom of the page, click Export... to export the XML file.
  4. Open the XML file for editing and search for the following line. Replace 389 with the necessary port (636 for LDAPS, 3268 for the LDAP global catalog, or 3269 for LDAPS global catalog).
    <Connection host="AD_host_name" port="389"/>
  5. In the file, search for the following line and verify that value="" exists. When the ac-dir.xml file is exported, the value="" attribute can disappear, and uploading the file fails with an error if it is missing.
    <Container objectclass="top,organizationalUnit" attribute="ou" value=""/>
  6. Save the file and go back to the Management Console ac-dir page.
  7. Click Update..., choose the updated XML file, and click Finish to update the configuration. The update should complete with the following warning, which can be ignored.
    Warning: Warning: Updating the Identity Manager directory "ac-dir"
  8. It is best practice to disable the Identity Minder Management Console after finishing work with it.
  9. Restart JBoss for the port change to take effect.
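
Steps 4 and 5 can be scripted so that the exported file is changed only where the procedure requires it. The following is an added example, not code from CA or from the original article: the function name, the placeholder root element and the sample fragment are assumptions, and only the two lines quoted in the steps above are taken from the page.

```python
import re

# Ports listed in step 4 of the article.
ALLOWED_PORTS = {389: "LDAP", 636: "LDAPS", 3268: "LDAP global catalog",
                 3269: "LDAPS global catalog"}

CONNECTION_PORT = re.compile(r'(<Connection\b[^>]*?\bport=")\d+(")')
OU_CONTAINER = re.compile(
    r'<Container\b[^>]*\bobjectclass="top,organizationalUnit"[^>]*>')


def patch_directory_xml(xml_text, new_port):
    """Return the exported directory XML with steps 4 and 5 applied."""
    if new_port not in ALLOWED_PORTS:
        raise ValueError(f"port {new_port} is not one of {sorted(ALLOWED_PORTS)}")

    # Step 4: rewrite only the port attribute; the rest of the file is untouched.
    patched, count = CONNECTION_PORT.subn(rf"\g<1>{new_port}\g<2>", xml_text)
    if count == 0:
        raise ValueError('no <Connection ... port="..."/> element found')

    # Step 5: restore value="" if the export dropped it.
    def restore_value(match):
        tag = match.group(0)
        if re.search(r'\bvalue\s*=', tag):
            return tag  # attribute already present, leave the tag alone
        return re.sub(r'\s*(/?>)$', r' value=""\1', tag)

    return OU_CONTAINER.sub(restore_value, patched)


# Constructed fragment: the two lines quoted in the article inside a placeholder
# root element, with value="" missing as described in step 5.
SAMPLE_EXPORT = """<PlaceholderRoot>
  <Connection host="AD_host_name" port="389"/>
  <Container objectclass="top,organizationalUnit" attribute="ou"/>
</PlaceholderRoot>
"""

if __name__ == "__main__":
    print(patch_directory_xml(SAMPLE_EXPORT, 636))
```

Run it against a copy of the exported file and compare the result with the original before uploading in step 7; the only differences should be the port value and, if it was missing, the restored value="" attribute.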

Additional Information

Enable the Management Console:

Open the Management Console:

Disable the Management Console: