

Prepare Enterprise Management Server to connect to Active Directory SSL

When working with Active Directory, you can configure CA ControlMinder Enterprise Management to use SSL to encrypt the communication between Enterprise Management and users.

Follow these steps:

  1. On the Active Directory (AD) computer, do the following:

    A. Copy the ldp.exe file from “c:\Windows\system32\” and paste it in the same location on the Enterprise Management Server.

    B. Copy the ldp.exe.mui file from “C:\Windows\System32\en-US” and paste it in the same location on the Enterprise Management Server.

    Note: These steps are required to start the ldp.exe tool on the Enterprise Management server.

  2. Click Start, Run, and type ldp.exe.

    The ldp.exe connection window opens.

  3. Click Connection and Connect.

    The Connect screen opens.

  4. Enter your Active Directory hostname and non-SSL port number (for example, Server: ad1.forward.inc, Port: 389) and click OK.

    The connection is complete.

  5. Check the SSL box and click OK.

    The connection to the Active Directory is confirmed.

    Note: Before you check the Active Directory SSL connection, import the Active Directory certificate and install it in the Trusted Root Certification Authorities store on the Enterprise Management server. To import the AD certificate, SSL must be configured on your Active Directory. For more information, refer to the Implementation Guide.

  6. On the Active Directory computer, click Start, Administrative Tools, Certification Authority.
  7. Click Certification, right-click RootCA, and click Properties from the drop-down menu.

    The RootCA Properties window opens.

  8. Click the View Certificate button.
  9. On the Details tab, click the Copy to File button.

    The Certificate Export Wizard opens.

  10. Complete the Certificate Export Wizard.

    When the Certificate Export wizard is complete, the Certificate file is copied to your Active Directory computer.

  11. Browse to the certificate location on the Active Directory computer and copy the certificate file to your Enterprise Management Server.
  12. On your Enterprise Management Server, double-click the copied certificate.
  13. Click Install Certificate Wizard and click Next.
  14. Select Place all certificates in the following store and click Browse.

    The Select Certificate Store window opens.

  15. Select Trusted Root Certification Authorities, click OK, and click Next.

    The Completing the Certificate Import Wizard window opens.

  16. Click Finish and OK.

    The Certificate Import wizard is complete.

  17. To check the SSL Active Directory connection, select Start, Run, ldp.exe on the Enterprise Management Server.

    The ldp.exe connection window opens.

  18. Click Connection in the tool bar and click Connect.

    The Connect window opens.

  19. Specify the Server and SSL port number, check the SSL box, and click OK.

    The ldaps://(server name) window opens confirming the connection to the Active Directory is successful.
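
The import in steps 12 to 16 and the connection check in steps 17 to 19 can also be scripted from an elevated PowerShell prompt on the Enterprise Management Server. The script below is an added example, not part of the CA ControlMinder documentation; the certificate path is a placeholder and port 636 (the default LDAPS port) is an assumption, so substitute your own values.

```powershell
# Added example: import the exported AD root CA and verify the LDAPS certificate chain.
param(
    [string]$AdHost     = 'ad1.forward.inc',     # example hostname from step 4
    [int]   $LdapsPort  = 636,                   # assumption: default LDAPS port
    [string]$CaCertPath = 'C:\Temp\RootCA.cer'   # placeholder: file copied in step 11
)

# Steps 12-16: place the CA certificate in Trusted Root Certification Authorities.
$ca = Import-Certificate -FilePath $CaCertPath -CertStoreLocation Cert:\LocalMachine\Root
"Imported CA: {0} (thumbprint {1}, expires {2})" -f $ca.Subject, $ca.Thumbprint, $ca.NotAfter

# Steps 17-19: open a TLS session to the directory server.
$tcp = New-Object System.Net.Sockets.TcpClient
try {
    $tcp.Connect($AdHost, $LdapsPort)
    # No validation callback is supplied, so the default policy applies: the handshake
    # fails unless the chain builds to a trusted root and the name matches $AdHost.
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false)
    try {
        $ssl.AuthenticateAsClient($AdHost)
        $srv = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(
            $ssl.RemoteCertificate)
        "TLS OK: {0} (protocol {1})" -f $srv.Subject, $ssl.SslProtocol
        "Issuer: {0}; valid until {1}" -f $srv.Issuer, $srv.NotAfter
    }
    catch {
        # Typical causes: CA not in the Root store, expired certificate, or a
        # hostname that does not match the certificate's subject names.
        Write-Error "TLS handshake with ${AdHost}:${LdapsPort} failed: $($_.Exception.Message)"
    }
    finally {
        $ssl.Dispose()
    }
}
finally {
    $tcp.Close()
}
```

Connect using the same hostname that Enterprise Management will be configured with, because the name check is performed against that value.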