startoff

Endpoint Security: Active Directory scanner LDAPS

Hi all

I ran into problems while setting up the Active Directory scanner with LDAPS enabled on a freshly installed R80.40 server.

The only error message I got is: unable to establish a connection to the domain controller

I've imported the certificates to the keystore and restarted the needed services.

With 'bin/keytool -list -keystore lib/security/cacerts certificate.cer -storepass password' I can see the certificate listed. I also installed the intermediate cert.
Because I wasn't sure where to install the certs, I've put them in both stores:
- $CPDIR/jre_32
- $CPDIR/jre_64

From the CLI on the CP management server, a 'telnet ip.add.re.ss 636' to the Active Directory domain controller is successful.

Another thing I've tried is to change the settings in the file
$UEPMDIR/engine/conf/ldap.utils.properties
from use.ssl=false to use.ssl=true

This didn't help either.

I then tried the AD sync with LDAP. This was successful.

So it must have something to do with LDAPS. How can I troubleshoot this further?

Thanks for a hint...

 

0 Kudos
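
Added example, not part of the original post: a successful telnet to port 636 shows only TCP reachability, while LDAPS also needs the TLS handshake to complete and the domain controller's certificate to chain to a CA the client trusts. The script below checks those two steps with the openssl command-line tool; the function names, host name and file paths are hypothetical placeholders.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function names, host and file
# paths are placeholders. Requires the openssl command-line tool.

# verify_chain CA_FILE CERT_FILE [INTERMEDIATE_FILE]
# Returns 0 only if CERT_FILE validates up to the root in CA_FILE.
verify_chain() {
    local ca="$1" cert="$2" inter="${3:-}"
    if [ -n "$inter" ]; then
        openssl verify -CAfile "$ca" -untrusted "$inter" "$cert" >/dev/null 2>&1
    else
        openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1
    fi
}

# fetch_server_cert HOST PORT OUT_FILE
# Performs a TLS handshake and saves the leaf certificate the server presents.
# Fails (non-zero) if the handshake yields no certificate.
fetch_server_cert() {
    local host="$1" port="$2" out="$3"
    openssl s_client -connect "${host}:${port}" -servername "$host" \
        </dev/null 2>/dev/null | openssl x509 -outform PEM >"$out" 2>/dev/null
}

# check_ldaps HOST CA_FILE [INTERMEDIATE_FILE]
# Exit status: 0 chain trusted, 1 chain not trusted, 2 no TLS certificate received.
check_ldaps() {
    local host="$1" ca="$2" inter="${3:-}" tmp rc
    tmp="$(mktemp)"
    if ! fetch_server_cert "$host" 636 "$tmp"; then
        echo "TLS: no certificate received from ${host}:636"
        rc=2
    elif verify_chain "$ca" "$tmp" "$inter"; then
        echo "TLS: certificate from ${host} chains to ${ca}"
        rc=0
    else
        echo "TLS: certificate from ${host} does not chain to ${ca}"
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Example call (placeholder values):
#   check_ldaps dc01.example.test /tmp/root-ca.pem /tmp/intermediate-ca.pem
```

Running it with the same root and intermediate PEM files that were imported into the Java keystore shows whether those files are sufficient to validate the certificate the domain controller actually presents.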