Domain Controllers

The WolfTech Active Directory domain has six onprem domain controllers, operating out of multiple campus data centers.  The domain is operating at the Windows 2016 domain functional level.  The forest is operating at the Windows 2016 forest functional level.  All WolfTech domain controllers are running the Windows Server 2019 or 2022 operating systems.

Applications and services requiring LDAP authentication and querying against WolfTech AD should use the virtual (vIP) host “ldaps.wolftech.ad.ncsu.edu”. This host listens on the secured (encrypted) LDAP ports of 636 (ldapS) and forwards requests to supported domain controllers in it’s server pool. Encryption is required using the TLS v1.2 protocol; SSL and earlier TLS versions are no longer supported.

2024 update: InCommon has issued an updated “InCommon RSA Server CA 2” cert. The previous “InCommon RSA Server CA” cert is set to expire on October 05th 2024.
InCommon is now issuing certs from the updated InCommon CA 2 cert.   As domain controller certificates expire during 2024, they will be replaced with InCommon CA 2 issued certs.  It is important that you have the updated InCommon CA 2 cert in your certificate store to avoid certificate trust issues when connecting to “ldaps.wolftech.ad.ncsu.edu”. This cert is already configured on domain joined Windows systems via group policy. However, if you have alternate systems, please update certificate stores as appropriate.

The virtual host “ldaps.wolftech.ad.ncsu.edu” has domain controllers in each datacenter in the pool at all times for redundancy. Domain controllers may be moved in and out of the vIP server pool for maintenance and upgrades.