What ports need to be open to authenticate to an ad server from an asp net site


When developing an ASP.NET site that needs to authenticate with an Directory (AD) , it is important to that the necessary ports are open for communication. This article will guide you through the process of determining ports need to be open and provide examples of how to configure your ASP.NET code accordingly.

Determining the Ports

Before we can configure our ASP.NET code, we need to determine which ports are required for authentication with an AD server. The most commonly used ports for AD authentication are:

  • Port 389: LDAP (Lightweight Directory Access Protocol)
  • Port 636: LDAPS (LDAP over SSL)
  • Port 3268: Global
  • Port 3269: Global Catalog over SSL

These ports are used for various operations such as querying the directory, authenticating users, and retrieving user information. Depending on your specific and network configuration, you may need to open one or more of these ports.


Once you have determined the required ports, you can configure your ASP.NET code to authenticate with the AD server. Here is an example of how to establish a connection using the System.DirectoryServices.AccountManagement namespace:

using System.DirectoryServices.AccountManagement;

public bool AuthenticateUser(string , string password)
    using (PrincipalContext context = new PrincipalContext(ContextType.Domain, "yourdomain.com", "DC=yourdomain,DC=com"))
        return context.ValidateCredentials(username, password);

In this example, we create a new instance of the PrincipalContext class, specifying the domain name and the distinguished name (DN) of the domain controller. We then call the ValidateCredentials method to authenticate the user with the provided username and password.


Authenticating to an AD server from an ASP.NET site requires opening the necessary ports and configuring your code accordingly. By following the steps outlined in this article, you should be able to determine the required ports and establish a successful connection with the AD server. Remember to adjust the code example to match your specific domain and network configuration.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents