What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
300.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

How can I force PRTG to use LDAPS (port 636) for Active Directory Integration?

Votes:

6

Your Vote:

Up

Down

I figured out that prtg uses an unencrypted ldap connection to my domain controller. The Domain Controller supports LDAPS. Other tools already connecting via ldaps on port 636 to this domain controler. What do I have to do to configure prtg to use ssl?

activedirectory ldap ssl

Created on May 29, 2018 8:41:45 AM by  fho (6) 1



21 Replies

Votes:

0

Your Vote:

Up

Down

We're currently checking the usage of LDAPS for the Active Directory Authentication, please bear with us.


Kind regards,
Stephan Linke, Tech Support Team

Created on May 29, 2018 6:15:14 PM by  Stephan Linke [Paessler Support]

Last change on Dec 16, 2019 11:22:09 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Any Updates on this? is the LDAP communication signed? otherwise it will soon stop working since unsigned/unencrypted LDAP communication will stop working soon: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023

Created on Dec 23, 2019 8:00:24 AM by  Rhaus (0)



Votes:

2

Your Vote:

Up

Down

We're aware of it, and we'll do something about it. Note that the "release date" has been pushed to 03/2020, which gives us some more time :)

Created on Dec 23, 2019 11:54:28 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Any news regarding when this is planned to be released?

Created on Jan 16, 2020 1:47:00 PM by  misvon (0)



Votes:

0

Your Vote:

Up

Down

We hope to make it in time with the Microsoft release :)

Created on Jan 17, 2020 7:59:40 AM by  Stephan Linke [Paessler Support]



Votes:

2

Your Vote:

Up

Down

Is there any update ?

Created on Jan 21, 2020 7:46:50 AM by  Systeembeheer NSD (45) 1



Votes:

0

Your Vote:

Up

Down

No, not yet - as mentioned, we're currently evaluating this and hope to implement it in time. Thanks for your patience on the matter!

Created on Jan 21, 2020 8:06:08 AM by  Stephan Linke [Paessler Support]



Votes:

3

Your Vote:

Up

Down

Hey Stephan and PRTG Team - will this thread be our best source of information on this? Or should we look for an announcement on the newsletter when this is addressed?

For your awareness, this "fix" is a requirement for us, and could make PRTG a non-usable product for us if not addressed.

Created on Jan 24, 2020 5:12:56 AM by  andysauer (30)



Votes:

0

Your Vote:

Up

Down

Quick update
With some first tests, it shows that PRTG will continue to work, but the LDAP Sensor stops working.

Created on Jan 27, 2020 2:06:10 PM by  Stephan Linke [Paessler Support]

Last change on Jan 27, 2020 2:06:20 PM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Stephan,

Do you mean we can authenticate to PRTG through LDAPS successfully, per your testing? That would be great news.

Created on Jan 27, 2020 5:13:27 PM by  andysauer (30)



Votes:

0

Your Vote:

Up

Down

I am really concerned with this issue. Yesterday I performed a test on my domain enabling LDAPS and many things stopped working.

Created on Jan 31, 2020 5:43:50 PM by  fabiomacchia (0)



Votes:

0

Your Vote:

Up

Down

What things in particular, if I may ask?

Created on Feb 3, 2020 7:24:42 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hey, are there any updates about this issue? Thanks and kind regards :)

Created on Mar 5, 2020 12:41:37 PM by  Kevin Forter (0) 1



Votes:

0

Your Vote:

Up

Down

The LDAP Sensor will have support for LDAPS with PRTG 20.x.57. Support for AD Authentication with LDAPS will hopefully make it's way into 20.x.58. Microsoft postponed the release yet again, so we should be fine with that :)

Created on Mar 6, 2020 8:16:23 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

I tried the LDAP Sensor with LDAPS and it works all fine. Is there already a known release date for the patch? I am running on PRTG version 20.1.55.1775 so for me it would the patch 20.1.56.1775, right?

Created on Mar 9, 2020 6:58:43 AM by  Kevin Forter (0) 1



Votes:

0

Your Vote:

Up

Down

That's nice to hear (LDAPS already working), but there's some things left to be done behind the scenes :) We're trying to release every last week of the month (+/- a few days), so rough estimates would be 21.03 and 21.04).

Regarding the version numbers, it's always <year>.<quarter>.<major>.<minor>, so for the March release, it should be 20.1.56.xxxx, and for April, it'd be 20.2.57.xxxx.

Created on Mar 9, 2020 7:37:11 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

then i'm gonna have to be patient a little longer :)

thanks for your information and kind regards

Created on Mar 9, 2020 10:42:14 AM by  Kevin Forter (0) 1



Votes:

0

Your Vote:

Up

Down

Still not working on version 20.2.58.1629+

Created on May 19, 2020 10:29:57 PM by  wburnham (0)



Votes:

0

Your Vote:

Up

Down

What exactly is not working? What error message do you get here?

Created on May 20, 2020 9:59:46 AM by  Stephan Linke [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Any news to this? LDAP over SSL is not working on my 2019 AD Servers at the moment. Only LDAP sensor works fine. Is there any Option to configure the port, or different sensor for LDAPS? Other Systems are already up and running on port 636 against th MS AD LDAPS.

Checkining only if the port is reachable is not enough.

Thanks for your answers

Created on Feb 12, 2021 10:26:04 AM by  SUN-DE (0) 1



Votes:

0

Your Vote:

Up

Down

@SUN-DE are you having trouble probing LDAPS using the LDAP probe or are you having trouble connecting to AD for User/Group lookups for PRTG admin accounts?

If it is the LDAP probe that is the problem, as it sounds like that is what you are complaining about, then that is definitely not a problem.

Set up the LDAP sensor probe as you normally would, and select "Use LDAP over SSL" in the "LDAP Specific" Settings.

Note, your parent sensor must be addressing the server by it's full FQDN, as it is written in the certificate of the server or the probe will fail. short names and IP addresses can't be used unless they are also listed in the certificate.

Created on Feb 12, 2021 2:17:34 PM by  macphersonr (0)



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.