cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
746
Views
0
Helpful
2
Replies
Highlighted
Beginner

Ironport LDAPS

Hi!

We are planning to connect our Ironport c370 to our Active directory infrastructure to verify valid users via LDAPS.

I found this instruction:

http://enterpriseit.co/ironport/ldap-active-directory/

But there is nothing in the instruction on how you install the CA-certificate for the active directory on the ironport?

Does it trust everything over LDAPS or do I need to go into the shell to add the CA-certificate for my Active directory CA?

Everyone's tags (3)
2 REPLIES 2
Cisco Employee

Hello Jape,

Hello Jape,

Generally the ESA will trust the LDAP server and initiate the connection and send queries to the LDAP server configured.

If you wish to use SSL where certificate negotiations will be done, the ESA (you can load an certificate if required) will be sent however from -my experience- i do not believe there is an option to deploy your AD's cert on the ESA to ensure it's trusted.

Regards,

Matthew

Beginner

I tested by setting up a

I tested by setting up a LDAPserver with a selfsigned cert and pointed my Ironport against that with LDAP+SSL. And it gave back an ok when I tested the connection. 

So it does not look like it needs to verify the certificate at all.