Table of Contents
Advertisement
referred to as LDAPS (Lightweight Directory Access Protocol over SSL). Each
LDAPS connection begins with a protocol handshake that triggers a security
certificate transmission from the responding Active Directory server to the RCS.
Once received, the RCS is responsible for verifying the certificate. In order to
verify the certificate, the RCS must be configured with a copy of the root
Certification Authority's (CA) certificate. Before this can be done, the
certificate must first be generated.
Enabling SSL on a Domain Controller
If you plan to use Microsoft Enterprise Root CA to automatically assign all your
domain controllers SSL certificate, you must perform the following steps to
enable SSL on each domain controller if you have not previously done so.
1
Install a Microsoft Enterprise Root CA on a Domain Controller.
a.
Select Start - Control Panel - Add or Remove Programs.
b. Select Add/Remove Windows Components.
c.
In the Windows Components Wizard, select the Certificate Services
checkbox.
d. Select Enterprise root CA as CA Type and click Next.
e.
Enter Common name for this CA, click Next, and click Finish.
2
Enable SSL on each of your domain controllers by installing the SSL
certificate for each controller.
a.
Click Start - Administrative Tools - Domain Security Policy.
b. Expand the Public Key Policies folder, right-click Automatic Certificate
Request Settings and click Automatic Certificate Request.
c.
In the Automatic Certificate Request Setup Wizard, click Next and
select Domain Controller.
3
Click Next and click Finish.
A certificate/private key file can be created using openssl using Linux. Openssl
can be downloaded from openssl.org. Any instructions below with text in <> is
xxx
|
128
LDAP Feature for the RCS
xxx
- Quick Links:
- Features and Benefits
Hide quick links:
Advertisement
Table of Contents
