Login
Register
Search
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Forums
Infor / Lawson Platforms
S3 Security
SSOPV2_LDAP_BIND - change to secure port?
Home
Forums
Jobs
LawsonGuru
LawsonGuru Letter
LawsonGuru Blog
Worthwhile Reading
Infor Lawson News Feed
Store
Store FAQs
About
Who's On?
Membership:
Latest:
Chris Radcliffe
Past 24 Hours:
0
Prev. 24 Hours:
0
Overall:
5187
People Online:
Visitors:
206
Members:
0
Total:
206
Online Now:
New Topics
S3 Customization/Development
Cobol - Extract Current Time
4/24/2024 7:21 PM
How do you extract just the Current System Time in
Lawson Landmark
LPL INSTR Functions
4/5/2024 8:32 PM
I'm writing a simple report using the Create R
Infor SCM
Translating 856 to get the ~ REF^CN^ field
4/3/2024 8:24 PM
We are trying to get the tracking number which is
IPA/ProcessFlow
Sample XML file create Flow
4/3/2024 3:43 PM
Hello everyone, I am new to creating XML files
Lawson S3 HR/Payroll/Benefits
bn105 error message
3/26/2024 6:40 PM
I need to change some of the set ups in our Life I
IPA/ProcessFlow
IPA executing Job
3/13/2024 7:08 PM
New to the IPA world and was wondering, can an IPA
Lawson S3 HR/Payroll/Benefits
Life Age Reduction on benefits plans
3/12/2024 7:15 PM
For our optional life we have an age based coverag
Lawson S3 HR/Payroll/Benefits
BN53.1 Add-In
3/7/2024 3:31 PM
We are migrating to Solstice. They require a
Lawson Business Intelligence/Reporting/Crystal
Domain Name Change
3/5/2024 7:45 PM
Our domain name needs to change and was hoping I c
S3 Customization/Development
Cobol calling Shell Script
2/29/2024 1:27 PM
Has anyone created or modified a Lawson Cobol prog
Top Forum Posters
Name
Points
Greg Moeller
4184
David Williams
3349
JonA
3288
Kat V
2984
Woozy
1973
Jimmy Chiu
1883
Kwane McNeal
1437
Ragu Raghavan
1348
Roger French
1311
mark.cook
1244
Forums
Unanswered
Active Topics
Most Liked
Most Replies
Search Forums
Search
Advanced Search
Topics
Posts
Prev
Next
Forums
S3 Security
SSOPV2_LDAP_BIND - change to secure port?
Sort:
Oldest First
Most Recent First
You are not authorized to post a reply.
Author
Messages
Sam Adams
New Member
Posts: 1
12/16/2013 10:57 PM
Lawson 10 environment here, not yet in production. We have ldap bind set up to AD, which was was done by consultants.
I'm curious how one changes it to be a secure connection? I could be wrong, but based on my experience to date, I can't imagine that the system will know that changing the port to 3269 means to switch to secure ldap automatically. I'm not planning on doing this along, but I heard through the grapevine that the consultant said it's not recommended to go that route?!
Needless to say, we want this remedied promptly, so that our passwords aren't being sent over the wire cleartext.
I appreciate any explanations, experience, pointers, caveats, etc.
Best regards,
SamA
Alex Tsekhansky
Veteran Member
Posts: 92
12/22/2013 10:01 PM
Hi, Sam.
When you BIND LSF to an LDAP server, you must specify a protocol. There are two protocols you can use - LDAP (which transmits data without encryption) and LDAPS (which encrypts data). Hence, your BIND URLs will be different for SSL-based vs non-encrypted BIND URL. For "regular" URL it will be ldap://server:post, while for the SSL-based-one it would be ldaps://server:sslport. Note that LDAP servers use one port for non-SSL LDAP traffic and a different port for SSL traffic.
If you bind to AD, and you plan to use Global Catalog LDAP server, you can use port 3268 for non-SSL traffic, or port 3269 for SSL-encrypted traffic.
Note that if you use LDAPS, since WAS makes direct connections to that LDAP (along with SSL), you will need to import AD certificate from that port to both WAS trust store for the node, as well as OS Java certificate repository used by LSF.
You are not authorized to post a reply.