0 votes

Adaxes Service

To enable communication between Adaxes service and Active Directory, the following ports (TCP and UDP) must be open for outgoing connections on the computer where your Adaxes service is installed, and for incoming connections on the Domain Controller(s) that you want Adaxes to connect to.

  • 389 LDAP - to connect to Active Directory
  • 636 LDAP (SSL) - to connect to Active Directory via SSL
  • 3268 GC - to connect to AD Global Catalog
  • 88 Kerberos - for authentication
  • 135 RPC - to resolve AD user names
  • Dynamic RPC ports* - to communicate with Active Directory

Additionally, to allow communication between Adaxes service and your Exchange Servers, you need to open the following ports:

  • 80 HTTP - if Adaxes service and Exchange are installed in the same forest
  • 443 HTTPS - if Adaxes service and Exchange are installed in different forests

Also, you need to allow Adaxes service to ping Active Directory domain controllers. To do this, enable Echo ICMP Requests (ping) in the firewall settings.

Adaxes Clients

Adaxes Web Interface and Adaxes Administration Console use the following ports (TCP and UDP):

  • 389 LDAP - to connect to Active Directory
  • 54782 - for communication with the Adaxes service

If Adaxes clients are deployed in the perimeter network (DMZ), only the 54782 port needs to be opened in the firewall for communication between Adaxes clients in the DMZ and Adaxes service on the intranet.

It is possible to change the port used for communication between Adaxes service and Adaxes clients (Web Interface and Administration console). For this purpose you need to change the port attribute of the following XML element of the Adaxes service configuration file (Softerra.Adaxes.Service.exe.Config):

    <customErrors mode="Off" />
        <channel ref="tcp" port="54782" priority="2" secure="true">

The Softerra.Adaxes.Service.exe.Config file is located in the folder where the Adaxes Service is installed (by default, C:\Program Files\Softerra\Adaxes 3\Service).

* To enable communication through dynamic RPC ports:

by (217k points)

Please log in or register to answer this question.

Related questions

0 votes
0 answers

To upgrade to a new version of Adaxes and keep all configuration settings made in the old version, you need to back up the configuration of your Adaxes ... restore the configuration from the backup files. For detailed instructions, see Upgrade Instructions.

asked Dec 12, 2011 by Support (217k points)
0 votes
0 answers

Softerra Adaxes does not extend the AD schema. Moreover, Softerra Adaxes does not store its data in Active Directory and doesn't modify the native permissions assigned in ... Adaxes, you can use Active Directory just as you did before the product installation.

asked Jun 17, 2009 by Support (217k points)
–1 vote
0 answers

By default, SSL is not configured for the Adaxes Web Interface and network transmissions are not encrypted. However, you can configure SSL on the Adaxes Web ... work in both cases: with Windows-integrated authentication and with forms-based authentication.

asked Oct 14, 2010 by Support (217k points)
0 votes
1 answer

If I would like to manage multiple clients, each with their own domain, do I need to have VPN to each client to access their DC?

asked Sep 25 by Reid (450 points)
0 votes
1 answer

I'm seeing this error when I run a user deprovision. It still executes the script but nobody likes errors! Run PowerShell Script 'DuoDeprovisionExport' For the user. The term ' ... running an export script in the first place for my Duo user info. ) Thanks.

asked Feb 19 by rainamaina (290 points)
2,352 questions
2,106 answers
126,631 users