Active Directory Scanner
R81 Harmony Endpoint Server Administration Guide|98
• To configure LDAPS - Change use.ssl=false to use.ssl=true
• To configure GSSAPI - Change use.gssapi=false to use.gssapi=true
You can set both LDAPS and GSSAPI to true.
3. Save the file.
For GSSAPI, no additional configuration is necessary.
Additional steps for LDAPS:
• Configure the Domain Controller to use LDAPS.
• Import all Domain Controller certificates to the Endpoint Security Management Server keystores.
To import a certificate to the keystores on the Endpoint Security Management Server:
1. On a domain controller which is configured to support LDAPS, run:
       certutil -store -v MY
   The output of this command is a list of certificates. The certificates are separated by a line like this:
       ================ Certificate 0 ================
   where 0 is the index number of the certificate.
2. Find a certificate:
   • That has a subject that is the FQDN of the Domain Controller. In the example below: DC.mulberry.com
   • In which one of the certificate extensions has the Server Authentication OID (1.3.6.1.5.5.7.3.1).
3. Get the index number of the certificate.
This is the number which appears in the separation header before each certificate. In this
example it is 0.
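Steps 1 to 3 can be checked mechanically once the certutil output is saved to a text file. The following is an added example, not part of the Check Point guide: it assumes the "Subject:" / "CN=" layout shown in the constructed, abridged sample (real output has many more fields per certificate), and the function names are hypothetical.

```python
import re

SERVER_AUTH_OID = "1.3.6.1.5.5.7.3.1"  # OID named in step 2 of the guide
HEADER = re.compile(r"^=+ Certificate (\d+) =+\s*$", re.M)

# Constructed, heavily abridged stand-in for `certutil -store -v MY` output.
SAMPLE = """\
================ Certificate 0 ================
Subject:
    CN=DC.mulberry.com
Certificate Extensions: 1
    2.5.29.37: Flags = 0, Length = 16
    Enhanced Key Usage
        Client Authentication (1.3.6.1.5.5.7.3.2)
        Server Authentication (1.3.6.1.5.5.7.3.1)

================ Certificate 1 ================
Subject:
    CN=mulberry-CA
Certificate Extensions: 1
    2.5.29.37: Flags = 0, Length = 12
    Enhanced Key Usage
        Server Authentication (1.3.6.1.5.5.7.3.1)

================ Certificate 2 ================
Subject:
    CN=DC.mulberry.com
Certificate Extensions: 1
    2.5.29.37: Flags = 0, Length = 12
    Enhanced Key Usage
        Client Authentication (1.3.6.1.5.5.7.3.2)
"""

def split_certificates(text):
    """Yield (index, body) for every '==== Certificate N ====' section."""
    parts = HEADER.split(text)  # [preamble, "0", body0, "1", body1, ...]
    for i in range(1, len(parts), 2):
        yield int(parts[i]), parts[i + 1]

def subject_cn(body):
    """Return the CN on the line after 'Subject:', or None if there is none."""
    m = re.search(r"^Subject:\s*\n\s+CN=([^\r\n,]+)", body, re.M)
    return m.group(1).strip() if m else None

def find_ldaps_cert_indexes(text, dc_fqdn):
    """Indexes whose subject CN is the DC FQDN and that list Server Authentication."""
    return [idx for idx, body in split_certificates(text)
            if (subject_cn(body) or "").lower() == dc_fqdn.lower()
            and f"({SERVER_AUTH_OID})" in body]

if __name__ == "__main__":
    print(find_ldaps_cert_indexes(SAMPLE, "DC.mulberry.com"))
```

An empty result means no certificate in the store meets both conditions of step 2; more than one result means the choice between them still has to be made by hand.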