-
All computation is performed on server(s) provided by the customer.
-
All data and application logs are stored in a SQL server provided by the customer.
All computation is performed on server(s) provided by the customer.
All data and application logs are stored in a SQL server provided by the customer.
The most sensitive customer data collected and stored by Migrator Pro for Active Directory is the Active Directory data including users, password hashes, groups, contacts, and devices.
SQL Server Transparent Data Encryption (TDE) can be enabled to encrypt all data at rest. For more information see https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-ver15.
LDAP account passwords and NTLM password hashes (while already encrypted at-rest by TDE) are additionally encrypted by the application with AES-256.
All communication from the Migrator Pro for Active Directory user interface is secured with HTTPS TLS 1.2.
The directory sync service communicates with Active Directory using LDAP.
Device agents communicate securely with the Migrator Pro for Active Directory web service using HTTPS TLS 1.2 to retrieve job details.
Migrator Pro for Active Directory relies on the following network ports to enable full functionality:
Source |
Target |
Port/Protocol |
Workstations and Member Servers |
Migrator Pro for Active Directory Server |
443 (TCP) or 80 (TCP) |
Migrator Pro for Active Directory Server |
Source and Target Domain Controllers running Windows Server 2003 |
135, 137, 389, 445, 1024-5000 (TCP) and 389 (UDP) |
Migrator Pro for Active Directory Server |
Source and Target Domain Controllers running Windows Server 2008 or newer |
135, 137, 389, 445, 49152-65535 (TCP) and 389 (UDP) |
Target domain controllers listed in the Target DCs tab |
Domain controller in the source environment holding the PDC Emulator Active Directory FSMO role |
135, 137, 139, 389, 445, 3268 and 49152-65535 (TCP) and 389 (UDP) |
The following ports need to be opened between workstations/servers and writable domain controllers for a successful domain join operation:
Type of Traffic |
Protocol and Port |
DNS |
TCP/UDP 53 |
Kerberos |
TCP/UDP 88 |
EPM |
TCP 135 |
NetLogon, NetBIOS Name Resolution |
UDP 137 |
DFSN, NetLogon, NetBIOS Datagram Service |
UDP 138 |
DFSN, NetBIOS Session Service, NetLogon |
TCP 139 |
C-LDAP |
TCP/UDP 389 |
DFS, LsaRpc, NbtSS, NetLogonR, SamR, SMB, SrvSvc |
TCP/UDP 445 |
LDAP SSL |
TCP 636 |
Random RPC |
TCP 1024-5000 |
GC |
TCP 3268 |
GC |
TCP 3269 |
DFS-R |
TCP 5722 |
Random RPC |
TCP 49152-65535 |
Migrator Pro for Active Directory relies upon Windows Authentication and Active Directory group membership to authenticate users.
© ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center