Skip to main content
Matrix42 Self-Service Help Center

Network Requirements of the Active Directory Connector

  1. Last updated
  2. Save as PDF

Summary

Matrix42 allows to integrate MyWorkspace seamless into an existing Active Directory infrastructure based on the Active Directory Connector component.
This guide describes which network requirements the Active Directory connector has. 

Goal

After completing this guide you will be able to handle infrastructure problems regarding the Active Directory connector directly. This will help to increase business continuity and the service quality in your organization. 

Network Requirements

The Matrix42 MyWorkspace Active Directory connector does not require inbound connections. The service is establishing a connection to the MyWorkspace cloud platform.

The following URLs should be reachable from the server the cloud connector is installed on:

HTTPS Connection

Verb Location
POST https://accounts.matrix42.com/api/en...Id}/connectors
GET https://accounts.matrix42.com/api/enterprises/{enterpriseId}/connectors/{connectorId}
GETPOST https://accounts.matrix42.com/api/enterprise/{enterpriseId}/roles
DELETE https://accounts.matrix42.com/api/enterprise/{enterpriseId}/roles/external/{roleId}
POST https://accounts.matrix42.com/api/error
GET https://accounts.matrix42.com/api/enterprises/{enterpriseId}/connectors/{connectorId}/sbrelay

WebSocket Connections

Verb Location
UPDATE https://acs-adconnectors-1.servicebu...43/connectors/{connectorId}/

The Microsoft Azure Service Bus is the underlaying system when the AD connector communicates with the MyWorkspace platform. This platform supports several connection options for: 

  1. Default (No outbound filters): A TCP connection will be used on the ports 5671 and 9350 - 9354.
  2. Only port 80 and port 443 are opened outbound and all other TCP ports are blocked:

    Port 80 is used by Microsoft Azure Service Bus to monitor the MyWorkspace message availability.
    Port 443 is used for message content delivering from/to Microsoft Azure Service Bus

    Keep in mind, all payloads are encrypted
  3. Only port 443 are opened outbound and all other TCP port are blocked: Only a single HTTPS/WebSocket connection will be used.

Configure RDS Host

The integration to the Remote Desktop Services of Microsoft requires that the RSS feeds for the Remote Desktop Services are reachable for the Cloud Connector. The following connections should be available:

Verb Location
GET <Configured-RDS-Host>/...