LDAP communication channels

LDAP typically uses one of these types of communication channels.

Table 1. LDAP communication channels
| Connection | Description | LDAP import support? | LDAP authentication support? |
| --- | --- | --- | --- |
| MID Server connection | Communicates over HTTP on port 80 by default. This communication channel does not require a certificate. The connection between the MID Server and the instance is over HTTPS (port 443). You can use the MID Server to import data over LDAP, but you cannot use the MID Server for LDAP authentication. Proceed to Define the LDAP Server. | Yes | No |
| Standard LDAP integration | Communicates over TCP on port 389 by default. This communication channel does not require a certificate. Proceed to Define the LDAP Server. | Yes | Yes |
| SSL-encrypted LDAP integration (LDAPS) | Communicates over TCP on port 636 by default. This communication channel requires a certificate. Proceed to Upload the LDAP X.509 SSL certificate to obtain and upload the certificate. | Yes | Yes |
| VPN connection | Communicates over an IPSEC tunnel. Purchase or create an IPSEC tunnel on your local network. Proceed to Define the LDAP Server. | Yes | Yes |

A MID Server initiates one connection to an LDAP server via port 389, then initiates an encrypted HTTPS connection to an instance via port 443 to push data to the instance. When you use a MID Server, the MID Server makes the connection to the LDAP server; the instance does not.

The instance can also connect to the LDAP server directly, using LDAP or LDAPS, either over the internet or through a VPN tunnel.

For more information about VPNs, MID Servers, and LDAP, see "You Don't Need A VPN Part II" on the community.