0 votes

Adaxes Service

To enable communication between Adaxes service and Active Directory, the following ports (TCP and UDP) must be open for outgoing connections on the computer where your Adaxes service is installed, and for incoming connections on the Domain Controller(s) that you want Adaxes to connect to.

  • 389 LDAP - to connect to Active Directory
  • 636 LDAP (SSL) - to connect to Active Directory via SSL
  • 3268 LDAP - to connect to AD Global Catalog
  • 3269 LDAP (SSL) - to connect to AD Global Catalog via SSL
  • 88 Kerberos - for authentication
  • 135 RPC - to resolve AD user names
  • Dynamic RPC ports* - to communicate with Active Directory

Additionally, to allow communication between Adaxes service and your Exchange Servers, you need to open the following ports:

  • 80 HTTP - if Adaxes service and Exchange are installed in the same forest
  • 443 HTTPS - if Adaxes service and Exchange are installed in different forests

Also, you need to allow Adaxes service to ping Active Directory domain controllers. To do this, enable Echo ICMP Requests (ping) in the firewall settings.

Adaxes Clients

Adaxes Web Interface, REST API, and Adaxes Administration Console use the following ports (TCP and UDP):

  • 389 LDAP - to connect to Active Directory
  • 54782 - for communication with the Adaxes service

If Adaxes clients are deployed in the perimeter network (DMZ), only the 54782 port needs to be opened in the firewall for communication between Adaxes clients in the DMZ and Adaxes service on the intranet.

If an Adaxes client is deployed in a domain that is:

  • Not managed by Adaxes service and
  • Different from the domain where Adaxes service is deployed,

then you also need to open the 3268 port on the computer where that Adaxes client is installed. It will be used to connect to AD Global Catalog to locate the Adaxes service.

It is possible to change the port used for communication between Adaxes service and Adaxes clients (Web Interface and Administration console). For this purpose you need to change the port attribute of the following XML element of the Adaxes service configuration file (Softerra.Adaxes.Service.exe.Config):

<configuration>
  ...
    <system.runtime.remoting>
    <customErrors mode="Off" />
    <application>
      <channels>
        <channel ref="tcp" port="54782" priority="2" secure="true">

The Softerra.Adaxes.Service.exe.Config file is located in the folder where the Adaxes Service is installed (by default, C:\Program Files\Softerra\Adaxes 3\Service).


* To enable communication through dynamic RPC ports:

by (560 points)

Please log in or register to answer this question.

Related questions

0 votes
1 answer

We are planning to use Adaxes in our environment and before proceeding, we need to understand the firewall port requirements for Adaxes service to work. What are the firewall ports needed between Adaxes and AD domain controller?

asked Jan 24 by Renugopal (120 points)
0 votes
0 answers

Adaxes service account Adaxes itself doesn't store the password for the Adaxes service account. Adaxes service is installed as a Windows system service that runs under the Adaxes ... its copy of the master key and decrypt it locally with its own private key.

asked Oct 14, 2010 by Adaxes (560 points)
0 votes
0 answers

Softerra Adaxes does not extend the AD schema. Moreover, Softerra Adaxes does not store its data in Active Directory and doesn't modify the native permissions assigned in ... Adaxes, you can use Active Directory just as you did before the product installation.

asked Jun 17, 2009 by Adaxes (560 points)
0 votes
0 answers

By default, SSL is not configured for the Adaxes Web Interface and network transmissions are not encrypted. However, you can configure SSL on the Adaxes Web ... work in both cases: with Windows-integrated authentication and with forms-based authentication.

asked Oct 14, 2010 by Adaxes (560 points)
0 votes
1 answer

Hi, We're currently running Adaxes 2016, upgrade is planned but not within the next couple of months. As per the below KB MS are deprecating TLS 1.0 &amp; ... /en-us/troubleshoot/azure/active-directory/enable-support-tls-environment Thank you in advance. Gary

asked Jun 8, 2021 by gazoco (490 points)
3,538 questions
3,229 answers
8,222 comments
547,736 users