- 5 minutes to read

Prerequisites for the Nodinite LDAP Adapter for Microsoft BizTalk Server

Unlock seamless integration between Microsoft BizTalk Server and your LDAP environments with the Nodinite LDAP Adapter. This page details everything you need to get started, from system requirements to firewall settings and user rights. Ensure a smooth, secure deployment and maximize your investment in Nodinite.

✅ Effortless integration with LDAP, Active Directory, and ADAM/LDS
✅ Secure, role-based access and compliance with best practices
✅ Comprehensive firewall and port guidance for robust connectivity
✅ Flexible deployment in virtualized and on-premises environments

This page describes the prerequisites for installing and running the Nodinite LDAP Adapter for Microsoft BizTalk Server

graph LR subgraph "Microsoft BizTalk Server" ro2(fal:fa-users Nodinite LDAP Adapter) end subgraph "LDAP Services" ro2 -.- roAD(fab:fa-windows Active Directory) ro2 -.- roDIRX(fal:fa-users DIRX) ro2 -.- roADAM(fas:fa-users ADAM/LDS) ro2 -.- roLDAP(far:fa-folder LDAP Service X) end

Visual overview: Nodinite LDAP Adapter connects BizTalk Server to multiple LDAP services, including Active Directory, DIRX, and ADAM/LDS.

Verified Topic
Software Requirements
What Windows User Rights does the Nodinite LDAP Adapter for Microsoft BizTalk Server require?
What Firewall settings are required for the Nodinite LDAP Adapter for Microsoft BizTalk Server?

The host instances associated with the LDAP adapter (associated send hosts) must be restarted. This might temporarily disrupt your run-time, so always install during an announced, pre-approved service window.

Before installing the LDAP adapter, review this guide to ensure all prerequisites are met. Requirements may vary depending on your environment and integration needs.

  • The software must be properly licensed.
  • Meet all software and hardware requirements.
  • Ensure firewall requirements are satisfied.
  • Microsoft BizTalk Server must be installed and configured before adding the LDAP Adapter.
  • The user account for installation must be part of the BizTalk Administrators and SSO Administrators roles.
  • Enable encryption with secured channels if your certificate infrastructure is set up—see the Nodinite LDAP SSL user guide for details.

Software Requirements

Install the Nodinite LDAP Adapter for Microsoft BizTalk Server on all BizTalk Server nodes that process LDAP operations.

  • Compatible with Windows Active Directory and other LDAP servers/services
  • Supports virtualized environments
  • Customer is responsible for backup solutions and monitoring
  • Virus protection is supported; apply appropriate exclusions
  • FIPS can be enabled on Windows/BizTalk servers; license key uses FIPS-compliant algorithms
  • The Nodinite LDAP Web API requires .NET CORE 5.0 or later

|Product|| |---|---| | Windows Server|Windows 2025
Windows 2022
Windows 2019
Windows 2016
Windows 2012 R2
Windows 2012, Windows 2008 R2| | .NET Framework|.NET Framework 4.0 or later (depends on your installed version of BizTalk)|

  • The adapter may log to the local event log and can generate many entries. Set event logs to overwrite (avoid fixed-size logs) to prevent data loss.

Supported Microsoft BizTalk Server Versions

  • Visual Studio Professional 2010 or later with C# and the appropriate source control client (for developers only).

Use the following Visual Studio version for your BizTalk Server:

BizTalk Visual Studio
BizTalk 2020 2019
BizTalk 2016 2015
BizTalk 2013 R2 2013
BizTalk 2013 2012
BizTalk 2010 2010
  • Latest SP and CU recommended
  • All BizTalk Server editions supported (Developer, Standard, Enterprise, RFID, etc.)
  • Send hosts can be X86 and/or X64

DTC/MSDTC

The Adapter is built with Microsoft MSDTC and supports the two-phase commit protocol. While Active Directory does not currently support distributed transactions, the Adapter is ready to leverage this feature when available.

Review the MSDTC user guide for additional information.

What Windows User Rights does the Nodinite LDAP Adapter for Microsoft BizTalk Server require?

The Nodinite LDAP Adapter for Microsoft BizTalk Server installs as a third-party BizTalk Server Adapter and offers flexible credential management:

  1. Dynamically set using Context properties (overrides send port settings)
  2. SSO—update code without password hassles
  3. Explicitly set in the send port
  4. Defaults to the Host Instance service account if not set

For Windows Active Directory, standard Windows user rights apply. For other LDAP services, provide specific connection details (option 4 may not be available).

  • Follow the principle of least privilege for all accounts.
  • Use separate accounts for different environments (Prod, Test, etc.)
  • LDAP query accounts must have proper read/write access to target objects.
  • Servers should be domain-joined unless explicit connection info is provided.

What Firewall settings are required for the Nodinite LDAP Adapter for Microsoft BizTalk Server?

The Nodinite LDAP Adapter for Microsoft BizTalk Server only requires outbound communication between the BizTalk Server node and the LDAP Service.

graph LR subgraph "Microsoft BizTalk Server" ro2(fal:fa-users Nodinite LDAP Adapter) end subgraph "LDAP Services" ro2 -.- |389, 636, ...| roAD(fab:fa-windows Active Directory) ro2 -.- |389, ...| roDIRX(fal:fa-users DIRX) ro2 -.- |389, 636, ...| roADAM(fas:fa-users ADAM/LDS) ro2 -.- | ... | roLDAP(far:fa-folder LDAP Service X) end

Network diagram: Outbound communication from BizTalk Server to LDAP services, with required ports for each service.

The following standard ports must be open (if in use) between your AD/LDAP servers and BizTalk Server. Your environment must conform to the required ports specified in 'Required Ports for BizTalk Server'

Port Name Port Number Comment
OpenLDAP, Fedora, Sun, Active Directory 389
OpenDS 1389
Apache Directory Server 10389
LDAP SSL 636
RPC (DTC) 135
Global Catalog DCs 3268, 3269
Kerberos 88
DNS 53
SMB V2, V3 Usually 445
TCP Netbios-ssn 139
TCP SMB msft-ds 445
SSL 443
IPsec ISAKMP
ISAKMP uses UDP as its transport protocol. ISAKMP traffic normally goes over UDP port 500, unless NAT-T is used in which case UDP port 4500 is used
NAT-T 4500 See IPsec ISAKMP
RPC randomly allocated high TCP ports 1024-5000, 49152-65535

Note

Your LDAP Service may use other ports depending on product and configuration. Additional firewall exclusions may be required. If you have other servers in your production environment, you may need to open more ports. For more information about Windows Server System™ port requirements, see http://go.microsoft.com/fwlink/?LinkId=25713.

You can view the dynamic port range using the following netsh commands:
From article: https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements

netsh int ipv4 show dynamicport tcp
netsh int ipv4 show dynamicport udp
netsh int ipv6 show dynamicport tcp
netsh int ipv6 show dynamicport udp

Frequently asked questions

Find solutions to common problems and explore the Nodinite LDAP Adapter for Microsoft BizTalk Server FAQ in the Troubleshooting user guide.

Next Step

Install

Nodinite LDAP Web API