What Port Does The Ldap Service Use

Port Numbers

At design fourth dimension, select port numbers for each Directory Server and Directory Proxy Server instance. If possible, exercise not change port numbers after your directory service is deployed in a production surround.

Dissever port numbers must be allocated for various services and components.

Directory Server and Directory Proxy Server LDAP and LDAPS Port Numbers
Directory Server DSML Port Numbers
Directory Service Control Center and Mutual Amanuensis Container Port Numbers
Identity Synchronization for Windows Port Numbers

Directory Server and Directory Proxy Server LDAP and LDAPS Port Numbers

Specify the port number for accepting LDAP connections. The standard port for LDAP communication is 389, although other ports can exist used. For example, if you must be able to beginning the server as a regular user, use an unprivileged port, by default 1389. Port numbers less than 1024 require privileged access. If you lot use a port number that is less than 1024, certain LDAP commands must be run as root.

Specify the port number for accepting SSL-based connections. The standard port for SSL-based LDAP (LDAPS) advice is 636, although other ports tin be used, such as the default 1636 when running as a regular user. For example, an unprivileged port might be required so that the server tin can be started every bit a regular user.

If you lot specify a non-privileged port and a server instance is installed on a organisation to which other users have access, you might betrayal the port to a hijack risk by another application. In other words, another awarding can bind to the same address/port pair. The rogue application might then exist able to process requests that are intended for the server. The application could likewise be used to capture passwords used in the authentication process, to alter client requests or server responses, or to produce a denial of service assail.

Both Directory Server and Directory Proxy Server allow you to restrict the listing of IP addresses on which the server listens. Directory Server has configuration attributes nsslapd-listenhost and nsslapd-securelistenhost. Directory Proxy Server has listen-address properties on ldap-listener and ldaps-listener configuration objects. When you lot specify the list of interfaces on which to listen, other programs are prevented from using the same port numbers as your server.

Directory Server DSML Port Numbers

In addition to processing requests in LDAP, Directory Server also responds to requests sent in the Directory Service Markup Linguistic communication v2 (DSML). DSML is another style for a customer to encode directory operations. Directory Server processes DSML as any other request, with the same access control and security features.

If your topology includes DSML admission, place the following:

A standard HTTP port for receiving DSML requests. The default port is 80.
If SSL is activated, an encrypted (HTTPS) port for receiving encrypted DSML requests. The default port is 443.
A relative URL that, when appended to the host and port, determines the complete URL that clients must use to send DSML requests

For information about configuring DSML, see To Enable the DSML-over-HTTP Service in Oracle Directory Server Enterprise Edition Assistants Guide.

Directory Service Control Center and Common Agent Container Port Numbers

Directory Service Control Center, DSCC, is a web awarding that enables you to administer Directory Server and Directory Proxy Server instances through a web browser. For a server to exist recognized past DSCC, the server must be registered with DSCC. Unregistered servers can still be managed using command-line utilities.

DSCC communicates with DSCC agents located on the systems where servers are installed. The DSCC agents run inside a common agent container, which routes network traffic to them and provides them a framework in which to run.

If y'all plan to use DSCC to administer servers in your topology, identify the following port numbers.

The encrypted HTTPS port for accessing DSCC on the system where DSCC is installed. The default port is 8080.
The management traffic port for DSCC to access its agents local to the server through the common amanuensis container, default: 11162, on the system where the server instances are installed.
The port numbers for the DSCC Registry instance, if you plan to replicate the configuration data. See dsccsetup(1M) for details.

Fifty-fifty if all components are installed on the aforementioned organization, DSCC however communicates with its agents through these network ports.

Identity Synchronization for Windows Port Numbers

If your deployment includes identity synchronization with Microsoft Active Directory, an available port is required for the Message Queue instance. This port must be bachelor on each Directory Server instance that participates in the synchronization. The default non-secure port for Message Queue is eighty, and the default secure port is 443.

Y'all must also make boosted installation decisions and configuration decisions when planning your deployment. For details on installing and configuring Identity Synchronization for Windows, see Oracle Identity Synchronization for Windows six.0 Installation and Configuration Guide.