<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta AD Agent and LDAPS Support
Nov 14, 2025
Directories
Overview

This article reviews the encryption method used by the Okta Active Directory (AD) Agent when communicating with a Domain.

Applies To
  • Directories
  • Active Directory
  • Kerberos Encryption
  • LDAPS (LDAP over SSL)
Solution

The Okta AD Agent supports communication over LDAPS (LDAP over SSL). Please download the latest version to take advantage of this functionality.

 

The AD agent uses Kerberos encryption as well as Kerberos authentication to secure data being processed over the standard LDAP port (389). For more information regarding Kerberos encryption, please review the following documentation from Microsoft: Binding With Encryption.

Recommended content

Still looking for help?
Loading
Okta AD Agent and LDAPS Support