yuuvis® RAD Q&A

0 votes
by (890 points)

Hello,

is it possilbe to do the AD synchronisation over ldaps?
I tried to change the ad.properties file to:

java.naming.provider.url=ldaps\://ldaps.XXX.de\:636
and
java.naming.provider.url=ldap\://ldaps.XXX.de\:636

But I get the errors:

ESTABLISH_BROWSER_CONNECTION_FAILED:
javax.naming.CommunicationException : simple bind failed: ldaps.XXX.de:636
java.net.SocketException : Connection or outbound has closed

and

ESTABLISH_BROWSER_CONNECTION_FAILED:
javax.naming.NamingException : LDAP connection has been closed

Thanks for the anser in advance.
schulerb

1 Answer

+1 vote
by (19.6k points)
selected by
 
Best answer

Hello schulerb,

yes it is possible with java.naming.provider.url=ldaps\://ldaps.XXX.de\:636.

Please make sure that firewalls are configured accordingly and credentials are correct. Also if the ldaps-server uses a self-signed certificate, it needs to be imported to the truststore of the core-service at <core-service>\jdk\lib\security\cacerts.

Best regards
Nicolai

by (890 points)
Thanks it works. I forgot to import the ca certificate into the truststore

Related questions

0 votes
1 answer
asked Jan 31, 2019 by Maris Miezitis (920 points)
0 votes
1 answer
asked Dec 21, 2018 by Maris Miezitis (920 points)
0 votes
1 answer
...