Instructions on how to configure Automic Workload Automation to use LDAPS.

book

Article ID: 144698

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine CA Automic One Automation CA Automic Operations Manager CA Automic Oracle

Issue/Introduction

Automic admin has Automic integration into Active Directory LDAP and wants to switch it to LDAPS.  In doing so, they are getting the following error when "Synchronize" their LDAP User:

 

 

Environment

Release : 12.2.x and 12.3.x

 

Resolution

In Automic UI:

Automic Admin had to update the original ldap object:

  • UC_LDAP_<Domain Name>
    • Here your Server Key is probably set to port 389 or 3268
      • For LDAPS - the default port is 636 or 3269
      • You also have to set:
        • VERSION = 2
        • TLS = Y
        • USE_DISTINGUISHED_NAME = N

Than you have to update our LDAPSync.xml:

  • Once again you have to update the port to 636 or 3279
  • update "useSSL"="true"

Than finally to connect to via LDAPS you need a certificate, this will be provided by your LDAP Team! This certificate will need to be imported into the default Java keystore that Automic is using:

IE: echo %JAVA_HOME% set to:

C:\Program Files\java\java-1.8.0-openjdk-1.8.0.232-3

Than:

  • C:\Program Files\java\java-1.8.0-openjdk-1.8.0.232-3\jre\lib\security
  • Import the certificate you from your AD Team (example adcert.crt) into Java's keystore: (example):
    • keytool -import -keystore cacerts -alias myadcert -file adcert.crt -storepass changeit

Than Automic will be using LDAPS.

Additional Information

For more information please consult:

https://docs.automic.com/documentation/webhelp/english/AA/12.3/DOCU/12.3/Automic%20Automation%20Guides/help.htm#AWA/Admin/admin_LDAPConnectionSetup.htm#link1

and:

https://docs.automic.com/documentation/webhelp/english/AA/12.3/DOCU/12.3/Automic%20Automation%20Guides/help.htm#Installation_Manual/AE/InstalltheAE_JWP.htm

which covers the topics as well.

Attachments