VMware Horizon Community
MrBeatnik
Hot Shot
Hot Shot
‎04-09-2020 07:01 AM
Jump to solution

Horizon AD Domain - does it use LDAP or LDAPS lookups?

Hi All,

We are just reviewing our LDAP/LDAPS situation across all services to ensure SSL / Port 636 is being used as appropriate when doing any Active Directory lookups.

The problem is I can't find definitive information that Horizon is doing this.

Can anyone point to details about this?

There certainly aren't any GUI settings to enable a secure channel - I would assume it is all running on secure as standard, but confirmation is needed.

Thanks.

0 Kudos
1 Solution

Accepted Solutions
nburton935
Hot Shot
Hot Shot
‎04-09-2020 05:03 PM
Jump to solution

Because Connection Servers are domain-joined, they leverage typical Windows client -> DC comms. This is why no service account is needed for AD authentication - the Computer Account is utilized. As long as your Domain Controllers have a valid certificate and listen on LDAPS/636, the Windows clients (and Connection Servers) will prefer that channel.

View solution in original post

1 Reply
nburton935
Hot Shot
Hot Shot
‎04-09-2020 05:03 PM
Jump to solution

Because Connection Servers are domain-joined, they leverage typical Windows client -> DC comms. This is why no service account is needed for AD authentication - the Computer Account is utilized. As long as your Domain Controllers have a valid certificate and listen on LDAPS/636, the Windows clients (and Connection Servers) will prefer that channel.