This section describes how to set up LDAP server on Network Configuration Manager.

  1. Configure Network Configuration Manager to point to LDAP or Active Directory server

  2. Log into Network Configuration Manager as system administrator.

  3. Go to System Administration > Global > User Management > Authentication Servers > LDAP

  4. Enter your settings. Click Apply.

  5. In the left pane, go to User Management > System Users and add your LDAP/Active Directory users. Ensure that the User ID and Email fields match with what you have in the LDAP/AD server.

  6. Under Authentication Method, select External LDAP.

  7. Verify LDAP/Active Directory settings (optional)

  8. Logout of Network Configuration Manager.

  9. Login with an LDAP/Active Directory user credentials.

    Note:

    If you experience problems logging in, check the LDAP/Active Directory logs.

  10. Flip the secure switch on your LDAP/Active Directory server. Configure your LDAP/Active Directory server to use SSL. Make a note of the secure port number used by LDAP/Active Directory server.

  11. Retrieve the SSL certificate from LDAP/Active Directory server.

  12. Download InstallCert.jar to your desktop.

  13. Run the command,

    C:\Users\Administrator\Desktop>"%JAVA_HOME%\bin\java" -jar InstallCert.jar ACTIVE-DIR-SERVER-IP:<secure port>

  14. You will be prompted to enter certificate to add to trusted keystore. Press Enter.

  15. From your desktop, copy the file jssecacerts to %JAVA_HOME%\jre\lib\security.

    C:\Users\Administrator\Desktop>copy jssecacerts "%JAVA_HOME%\jre\lib\security"

  16. Flip the secure switch on Network Configuration Manager.

  17. Go to https://<IP-address>:8880/ ncm-webapp

    where <IP address> is the IP address of the Network Configuration Manager Application server.

  18. Type the login credentials:

    Username: jmx-user

    Password: sysadmin

  19. Go to servers -> 0 -> domains -> com.powerup.configmgr.server.config.jmx -> mbeans -> name=VoyenceControlConfig,type=JMXSystemConfig -> operations

  20. In the listAll operation, click Execute. In the CONFIG NAME column, look for 0.ldap.server.securityprotocol and 1.ldap.server.securityprotocol. You will change the values of these configuration names from none to ssl.

  21. To change the values of configuration names, follow these steps:

    • In the setConfigItem operation,

      • for p1, set the parameter value to config.security.ldap-auth

        • for p2, set the parameter value to 0.ldap.server.securityprotocol

        • for p3, set the parameter value to ssl

        • Click Execute.

        • For the same setConfigItem operation,

        • for p1, set the parameter value to config.security.ldap-auth

        • for p2, set the parameter value to 1.ldap.server.securityprotocol

        • for p3, set the parameter value to ssl

        • Click Execute.

        • In the saveAll operation, click Execute.

  22. Change the port number in your Network Configuration Manager installation to communicate with LDAP/Active Directory server. To change the port number, follow these steps:

  23. Login to Network Configuration Manager as sysadmin.

  24. Go to System Administration > Global > User Management > Authentication Servers -> LDAP

  25. Change the port number to secure port number used in step 3.

  26. Click Apply.

  27. Click Close.

  28. Logout of Network Configuration Manager.

  29. Login to Network Configuration Manager using one of your LDAP/Active Directory server users.