?
Solved

LDAP over SSL using mail server's cert

Posted on 2013-12-06
3
Medium Priority
?
728 Views
Last Modified: 2013-12-09
I'm setting up a help desk ticketing system that's cloud hosted, and I'd like to give it access to my LDAP server so that users can login to the help desk with their familiar passwords.  I want to use SSL for security. I have a mail server/DC that has an SSL cert and public IP, and I'd like to know if I just open port 636 through my firewall and use the mail server's URL (mail.domain.com) would that work? Any suggestions are appreciated.
0
Comment
Question by:Brad212
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
Britt Thompson earned 200 total points
ID: 39702378
Yes but you'll have to add the certificate to the cert store on the server to for the client/server handshake to happen. Below is the instructions:

http://support.microsoft.com/kb/321051/en-us

If you have a Digicert certificate you can generate a duplicate to do this.
0
 

Author Comment

by:Brad212
ID: 39702430
Thank you, very helpful. Do I need a third party CA to accomplish this? Or could I just install the CA role on the server and not bother with a 3rd party CA?
0
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 39702446
As long as the server connecting to the LDAP server trusts the certificate it will work.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Sometimes it necessary to set special permissions on user objects.  For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question