Dear all,
I have ACS 4.2 and am trying to configure it with Generic LDAP.
Unfortunately, TLS is enabled on the AD, so the SSL checkbox must be enabled in the ACS configuration and the port changed to 636.
I have joined the server to the domain where the LDAP is.
I have installed the root certificate on the ACS server.
I have installed the domain controller certificate on the ACS server.
I have all those in the trusted list of CAs in the application and in the OS.
I can query the LDAP with the same settings with a 3rd party application with the same user as the one configured in ACS, and it works.
The config is:
The IP address of the primary DC,
port 636,
Use LDAPv3 (as it is on the LDAP server)
Use secure authentication
Use the already installed and trusted Root CA certificate
The user that I used in the 3rd party application, with which it could query the domain.
Still, when I try to query the LDAP, it does not work, giving this error:
External DB reports about an error condition
I put a sniffer and I saw that the primary DC sends its certificate, and immediately after that the ACS server replies with Unknown CA.
Any ideas why?
Chris