- 4 minutes to read

Prerequisites for the Nodinite LDAP Web API

This page describes the prerequisites for successfully installing and hosting the latest version of the Nodinite LDAP Web API.

graph LR subgraph "Client Consumer" roClient(fal:fa-code Logic Apps/MuleSoft/WSO2/Custom Code...) end subgraph "LDAP Environment" roClient --> roLDAP(fal:fa-cloud-upload LDAP Web API) roLDAP-->roLA(fal:fa-folder LDAP Catalog Service) end

Instances of the Nodinite LDAP Web API must be installed on-premise on a Windows Server with IIS, or in the cloud/off-site if the target server is placed on a network with access to the LDAP catalog. You can also host the LDAP Web API inside your App Service Environment.

Verified Topic
Software Requirements
What rights does the client for Nodinite LDAP Web API require?
What Access Rights Does the Nodinite LDAP Web API Require?
What Firewall settings are required for the Nodinite LDAP Web API?

Software Requirements

The Nodinite LDAP Web API is installed in either the IIS or in your App Service Environment

Product Comment
ASP.NET Core ASP.NET Core 7.0 New 2.1.4

Earlier versions of this solution uses ASP.NET Core 5.0.

You must use a modern browser like Edge or Chrome. Add /swagger last in the address to test it out.

You must have ASP.NET Core installed

You must download and install the ASP.NET hosting bundle

You should review the Disable PAC Verification user guide and consider the changes required for better performance

IIS

If you host the Nodinite LDAP Web API in IIS, then you must install the following components:

Product Comment
Windows Server Windows 2022
Windows 2019
Windows 2016
Windows 2012 R2
Windows 2012
IIS If you host the API in IIS, then the App Pool must be a named account with read/write rights to the folder where the binaries are located

NOTE: A reboot after installation is required.

App Service Environment (ASE)

You can host the Nodinite LDAP Web API in an Azure App Service Environment (ASE). The App Service is using a Managed Identity to authenticate with the settings (you should store passwords in Key Vault).

  • The App Service requires a Role assigned the Azure Key Vault Administrator permission.
  • The App Service requires an App Configuration container to store the settings in use.

Supported Versions

Cloud technologies are evolving fast and as Microsoft deprecates older versions of their Services and APIs now and then. Nodinite will always support the APIs supported by Microsoft. This means you need to update the Nodinite LDAP Web API from time to time.

Make sure to subscribe to the Release Notes

What rights does the client for Nodinite LDAP Web API require?

The code, or the system integration platform uses an identifier (a Guid) to identify which connection to use, executing a LDAP statement. The API is not secured in any way but you should use HTTPS and you can further restrict access by white-listing IP addresses.

What Access Rights Does the Nodinite LDAP Web API Require?

  • The account being used for the LDAP queries must have proper read/write access to targeted objects in the LDAP/AD catalog.
  • The server must be domain joined, and you must target Active Directory, if you do not provide explicit connection information in the adapter.

What Firewall settings are required for the Nodinite LDAP WEB API?

For a complete list of ports, review the TCP and UDP ports user guide. The following ports must be always be allowed:

Port Name Inbound Outbound TCP UDP Comment
53 DNS The Agent needs to know where your other servers/services are (can sometimes optionally be solved using entries in the local hosts file)

The Nodinite LDAP Web API has both inbound and outbound communication:

  1. Between the Client/Consumer and the Nodinite LDAP Web API
  2. Between the Nodinite LDAP Web API and the LDAP Catalog Service (Active Directory, Novell, NIS, DIRX, ...)
graph LR subgraph "Client Consumer" roClient(fal:fa-code Logic Apps/MuleSoft/WSO2/Custom Code...) end subgraph "LDAP Environment" roClient --> |80,443| roLDAP(fal:fa-cloud-upload LDAP Web API) roLDAP --> |389, 636| roLA(fal:fa-folder LDAP Catalog Service) end

1. Between the Client/Consumer and the Nodinite LDAP Web API

Port Name Inbound Outbound TCP UDP Comment
80 HTTP inbound traffic
443 HTTPS Secure inbound traffic with

2. Between the Azure Logic Apps Logging and Monitoring agent and Azure Management API

Port Name Inbound Outbound TCP UDP Comment
389 RPC Default
636 RPC for SSL/LDAPS SSL

Frequently asked questions

Additional solutions to common problems and the FAQ for the Nodinite LDAP Web API exist in the Troubleshooting user guide.

Next Step

Install the Nodinite LDAP Web API

BizTalk LDAP Adapter