Hi All,
We have a requirement to configure LFDS to connect to AD using SLDAP, is this supported as I can't find any option anywhere to enable it?
Cheers!
We do support SSL for both Active Directory identity providers and AD as LDAP. Note that there were some known issues with SSL configuration in LFDS 9.2.0 so you should make sure you're on version 9.2.1 or 10.
It's unclear to me whether you just want to use a secure channel for the LDAP queries performed by LFDS (such as searching active directory or performing sync) or if also you want to use AD as LDAP. If you use AD as LDAP, user login uses an LDAP simple bind i.e., users cannot choose the Windows Authentication method and must always type their password. AD as LDAP is not recommended.
To enable SSL, simply change the setting for the default identity provider to "Use SSL", or modify your custom identity provider profile. You can register a new Identity Provider if you must use AD as LDAP.
Hi Brianna,
When setting LFDS to communicate using SSL, does this communicate on port 636 or 3269 when performing an AD group sync?
Cheers!
If no port is specified and "Use SSL" is checked, we will default to using port 636 (using the TCP LDAPS protocol).
Note that if you wish, you can specify a port, e.g., your-domain-controller.domain.com:123.
Thanks Brianna