How to integrate PPM with Active Directory over SSL?

book

Article ID: 17148

calendar_today

Updated On:

Products

CLARITY PPM FOR ITG CLARITY PPM FEDERAL Clarity PPM SaaS - Application Clarity PPM On Premise

Issue/Introduction



How to integrate PPM with Active Directory over SSL?

Environment

Release: 451-101-15.3-Clarity-Creator User License
Component:

Resolution

PPM can bind to an Active Directory Server over LDAPS (SSL), as long as, you supply a valid certificate into the Java Keystore that we are using. 


Directions:

Note:  In my example PPM is using the following Java Location: 

>> /opt/java/jdk1.8.0_121 (Linux)
C:\JDK_8 (Windows)

1. Inside the following directory: 

Run: keytool -list -keystore cacerts -alias <adcert>

>> /opt/java/jdk1.8.0_121/jre/lib/security is the java keystore file called "cacerts" (Linux)
C:\JDK_8\jre\lib\security (Windows)

Here you would need to import the certificate (<filename>.cer) that your security team provided you into this file. example: 

>> keytool -import -keystore cacerts -alias <adcert> -file <certificate.cer> -keyalg RSA -trustcacerts -storepass changeit 

2. Then inside your CSA under the Security Tab, update\configure the URL to:

ldaps://<ldapserver>:636

Note:  port 636 is traditionally the SSL for for Active Directory

3. Please recycle the whole solution: 

service stop start all