AD Agent default destination port should be 636 if SSL is selected

In the ActiveDirectory agent the default destination port is 389.  This can be overridden by appending a colon and an explicit port to the Server configuration.

In AD, port 389 is conventionally used for non-SSL traffic and port 636 is used for SSL traffic.  The default port should reflect the SSL setting, in order to avoid confusion and reduce the risk of inadvertent configuration error.