Identity Suite : Configure SSL based Active Directory Authentication for Multiple domains

Blog Post created by kumsa29 Employee on Jul 17, 2018

If you are configuring the AD based authentication for Multiple domains in Identity suite, follow the following advice

  1. Follow the "Manage Active Directory Authentication Module" instructions
  2. In "auth_settings.properties" file user
    1. Set "Server" to "Global Catalog" server name/ip 
    2. Configure the SERVERS property to point to the catalog server by adding the port (SERVERS=adserver:3268 or adserver:3269 if you use SSL ).
    3. Set the BASEDN to the root of the AD domain (like DC=lab,DC=local)
  3.  For SSL : Add certificate to java trust store that is used by webcontainer hosting the Identity Manager web Application.  Default path: %JAVA_HOME%\jre\lib\security\cacerts 
  4. In virtual appliance, you need to use keytool command to add the certificate in java trust store because of vApp permission restrictions.