Configuring secure LDAP

By default, LDAP traffic is transmitted unsecured. You can make LDAP traffic confidential and secure by using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) technology. You can enable LDAP over SSL (LDAPS) by installing a properly formatted certificate from either a Microsoft certification authority (CA) or a non-Microsoft CA.

To use LDAPS with Content Gateway:

Steps

  1. Open the records.config file located in /opt/WCG/config.
  2. Add the following entry to records.config:
    CONFIG proxy.config.ldap.secure.bind.enabled INT 1
  3. Navigate to Configure > Security > Access Control > LDAP and change the port to 3269.
    Note: The Directory Service must be configured to support LDAPS authentication. See the documentation provided by the directory provider for instructions.
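
Steps 1 and 2 can be scripted so that the entry ends up in records.config exactly once, even when the key is already present with a different value. This is an added example, not part of the product documentation; the function names and the .bak backup suffix are assumptions.

```shell
#!/bin/sh
# Added example (not vendor code): idempotently enable secure LDAP bind
# in a Content Gateway records.config file.
# Usage after sourcing: enable_secure_bind /opt/WCG/config/records.config

KEY='proxy.config.ldap.secure.bind.enabled'

# enable_secure_bind FILE
# Removes any existing line for KEY, then appends "CONFIG <KEY> INT 1".
# A copy of the original is kept as FILE.bak (assumed suffix).
enable_secure_bind() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 1
    tmp=$(mktemp) || return 1
    # Keep every line except an existing entry for the key.
    awk -v key="$KEY" '!($1 == "CONFIG" && $2 == key)' "$file" > "$tmp" || return 1
    printf 'CONFIG %s INT 1\n' "$KEY" >> "$tmp"
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# secure_bind_enabled FILE
# Exit status 0 only if the last entry for KEY in FILE has the value 1.
secure_bind_enabled() {
    awk -v key="$KEY" '
        $1 == "CONFIG" && $2 == key { v = $4 }
        END { exit !(v == "1") }
    ' "$1"
}
```

Step 3 (changing the port to 3269) is still done in the Content Gateway manager.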