Hey kevin, Many Thanks for your quick reply. Yes i am actually going to use SSL, i have already created cert.db files using certutil... But i thought 1st to give a shot without SSL, as the given Ldap server is a test server, enabled on both 389 and 636.
So coming back to configuration, below is what i have configured on ARDBC LDAP form: Host name: clients LDAP server hostname Port: 389 for time being Bind user: uid=test,ou=bindaccounts,dc=<clients LDAP hostname>,dc=com Bind password: given password No SSL. LDAP Server generalised timing. Failover timeout:5 Directory page size:1000 Base DN for discovery: dc=<clients hostname>,dc=com So i guess only information which is not configured correctly is Base DN for discovery, here I am not specifying ou.. but only mere Base DN. I will give this a try and let you know. Thanks again. Onkar. On Dec 14, 2014 4:10 AM, "Kevin Eldridge" <[email protected]> wrote: > ** > > Hello Onkar, > > > > I ran into a similar issue when connecting to a Red Hat LDAP server, using > UID, and not a MS Exchange server, since that is what the sAMAccountName is > used for. I used the following settings to make the ARDBC LDAP connection: > > > > Host Name: ldap.host.com > > Port Number: 636 > > Bind User: uid=ldapuser,ou=service,dc=host,dc=com > > Bind Password: <password> > > Use Secure Socket Layer: Yes > > Certificate Database: <Path to java keystore; e.x. C:\LDAP\ldaptrust.jks> > > LDAP Date-Time Format: Generalized Time > > Failover Timeout: 3000 > > Directory Page Size: 1000 > > Base DN for Discovery: ou=people,dc=host,dc=com > > > > If you are not using SSL, this will make things much, much easier. Your > default port for non-SSL is 389. If you are using SSL, ensure you have > created your Java Keystore using the following command: > > > > Create the Cert Database: > > certutil -N -d <certDir> > > Import the certs into the > > keytool -import -noprompt -trustcacerts -keystore <PATH TO JavaKeyStore; > i.e. C:\JKS\javakeystore.jks> -storepass <Password for JKS file> -alias > <Provide an alias> -file <PATH TO Certificate file; i.e. > C:\CERT\certificate.crt> > > > > There is a good bit of information on the Java Keystore in the AR System > 8.1 documentation > > > > I hope this helps. > > > > Kevin Eldridge > _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
