Prerequisites for the Nodinite LDAP Adapter for Microsoft BizTalk Server
Unlock seamless integration between Microsoft BizTalk Server and your LDAP environments with the Nodinite LDAP Adapter. This page details everything you need to get started, from system requirements to firewall settings and user rights. Ensure a smooth, secure deployment and maximize your investment in Nodinite.
✅ Effortless integration with LDAP, Active Directory, and ADAM/LDS
✅ Secure, role-based access and compliance with best practices
✅ Comprehensive firewall and port guidance for robust connectivity
✅ Flexible deployment in virtualized and on-premises environments
This page describes the prerequisites for installing and running the Nodinite LDAP Adapter for Microsoft BizTalk Server.
Visual overview: Nodinite LDAP Adapter connects BizTalk Server to multiple LDAP services, including Active Directory, DIRX, and ADAM/LDS.
The host instances associated with the LDAP adapter (associated send hosts) must be restarted. This might temporarily disrupt your run-time, so always install during an announced, pre-approved service window.
Before installing the LDAP adapter, review this guide to ensure all prerequisites are met. Requirements may vary depending on your environment and integration needs.
- The software must be properly licensed.
- Meet all software and hardware requirements.
- Ensure firewall requirements are satisfied.
- Microsoft BizTalk Server must be installed and configured before adding the LDAP Adapter.
- The user account for installation must be part of the BizTalk Administrators and SSO Administrators roles.
- Enable encryption with secured channels if your certificate infrastructure is set up—see the Nodinite LDAP SSL user guide for details.
Software Requirements
Install the Nodinite LDAP Adapter for Microsoft BizTalk Server on all BizTalk Server nodes that process LDAP operations.
- Compatible with Windows Active Directory and other LDAP servers/services
- Supports virtualized environments
- Customer is responsible for backup solutions and monitoring
- Virus protection is supported; apply appropriate exclusions
- FIPS can be enabled on Windows/BizTalk servers; license key uses FIPS-compliant algorithms
- The Nodinite LDAP Web API requires .NET CORE 5.0 or later
| Product | Supported versions |
|---|---|
| Windows Server | Windows 2025, Windows 2022, Windows 2019, Windows 2016, Windows 2012 R2, Windows 2012, Windows 2008 R2 |
| .NET Framework | .NET Framework 4.0 or later (depends on your installed version of BizTalk) |
- The adapter may log to the local event log and can generate many entries. Set event logs to overwrite (avoid fixed-size logs) to prevent data loss.
Supported Microsoft BizTalk Server Versions
- Visual Studio Professional 2010 or later with C# and the appropriate source control client (for developers only).
Use the following Visual Studio version for your BizTalk Server:
BizTalk | Visual Studio |
---|---|
BizTalk 2020 | 2019 |
BizTalk 2016 | 2015 |
BizTalk 2013 R2 | 2013 |
BizTalk 2013 | 2012 |
BizTalk 2010 | 2010 |
- Latest SP and CU recommended
- All BizTalk Server editions supported (Developer, Standard, Enterprise, RFID, etc.)
- Send hosts can be X86 and/or X64
DTC/MSDTC
The Adapter is built with Microsoft MSDTC and supports the two-phase commit protocol. While Active Directory does not currently support distributed transactions, the Adapter is ready to leverage this feature when available.
Review the MSDTC user guide for additional information.
What Windows User Rights does the Nodinite LDAP Adapter for Microsoft BizTalk Server require?
The Nodinite LDAP Adapter for Microsoft BizTalk Server installs as a third-party BizTalk Server Adapter and offers flexible credential management:
1. Dynamically set using Context properties (overrides send port settings)
2. SSO: update code without password hassles
3. Explicitly set in the send port
4. Defaults to the Host Instance service account if not set
For Windows Active Directory, standard Windows user rights apply. For other LDAP services, provide specific connection details (option 4 may not be available).
- Follow the principle of least privilege for all accounts.
- Use separate accounts for different environments (Prod, Test, etc.)
- LDAP query accounts must have proper read/write access to target objects.
- Servers should be domain-joined unless explicit connection info is provided.
What Firewall settings are required for the Nodinite LDAP Adapter for Microsoft BizTalk Server?
The Nodinite LDAP Adapter for Microsoft BizTalk Server only requires outbound communication between the BizTalk Server node and the LDAP Service.
Network diagram: Outbound communication from BizTalk Server to LDAP services, with required ports for each service.
The following standard ports must be open (if in use) between your AD/LDAP servers and BizTalk Server. Your environment must also conform to the required ports specified in 'Required Ports for BizTalk Server'.
Port Name | Port Number | Comment |
---|---|---|
OpenLDAP, Fedora, Sun, Active Directory | 389 | |
OpenDS | 1389 | |
Apache Directory Server | 10389 | |
LDAP SSL | 636 | |
RPC (DTC) | 135 | |
Global Catalog DCs | 3268, 3269 | |
Kerberos | 88 | |
DNS | 53 | |
SMB V2, V3 | Usually 445 | |
TCP Netbios-ssn | 139 | |
TCP SMB msft-ds | 445 | |
SSL | 443 | |
IPsec ISAKMP | 500 (UDP) | ISAKMP uses UDP as its transport protocol. ISAKMP traffic normally goes over UDP port 500, unless NAT-T is used, in which case UDP port 4500 is used |
NAT-T | 4500 | See IPsec ISAKMP |
RPC randomly allocated high TCP ports | 1024-5000, 49152-65535 | |
Note
Your LDAP Service may use other ports depending on product and configuration. Additional firewall exclusions may be required. If you have other servers in your production environment, you may need to open more ports. For more information about Windows Server System™ port requirements, see http://go.microsoft.com/fwlink/?LinkId=25713.
You can view the dynamic port range using the following netsh commands (from the article https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements):
netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp
netsh int ipv6 show dynamicport tcp
netsh int ipv6 show dynamicport udp
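One way to confirm the outbound firewall rules in the port table from a BizTalk node before installing the adapter, as an added example that is not Nodinite's own code. It assumes PowerShell 3.0 or later; the host name `ldap.example.internal` and the function `Test-TcpPort` are hypothetical.

```powershell
# Added example, not Nodinite code. Run on each BizTalk node that hosts the adapter.
param(
    [string]$LdapHost = 'ldap.example.internal',  # placeholder: your LDAP/AD server
    [int]$TimeoutMs = 3000
)

# TCP ports taken from the table above; delete the rows your LDAP service does not use.
# UDP-only entries (ISAKMP 500, NAT-T 4500) cannot be checked with a TCP connect.
$ports = @(
    @{ Name = 'LDAP';               Port = 389 },
    @{ Name = 'LDAP SSL';           Port = 636 },
    @{ Name = 'Global Catalog DCs'; Port = 3268 },
    @{ Name = 'Global Catalog DCs'; Port = 3269 },
    @{ Name = 'Kerberos';           Port = 88 },
    @{ Name = 'DNS';                Port = 53 },
    @{ Name = 'RPC (DTC)';          Port = 135 },
    @{ Name = 'SMB';                Port = 445 }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($ComputerName, $Port, $null, $null)
        # No answer within the timeout usually means a firewall silently dropped the SYN.
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return 'Timeout' }
        $client.EndConnect($pending)   # throws if the connection was refused
        return 'Open'
    }
    catch { return 'Refused or unreachable' }   # also covers name-resolution failures
    finally { $client.Close() }
}

$results = foreach ($p in $ports) {
    [pscustomobject]@{
        Service = $p.Name
        Port    = $p.Port
        Result  = Test-TcpPort -ComputerName $LdapHost -Port $p.Port -TimeoutMs $TimeoutMs
    }
}
$results | Format-Table -AutoSize

# Non-zero exit code when anything is not reachable, so the check can gate an install script.
if ($results | Where-Object { $_.Result -ne 'Open' }) { exit 1 }
```

A `Timeout` result points at a filtering device between the node and the LDAP service, while `Refused or unreachable` means the path is open but nothing is listening on that port or the name did not resolve.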
Frequently asked questions
Find solutions to common problems and explore the Nodinite LDAP Adapter for Microsoft BizTalk Server FAQ in the Troubleshooting user guide.