LDAP bind fails when AD is configured in EEM with LDAPS and also AD certificate is configured for Server certificate validation



Article ID: 265982


Products

Autosys Workload Automation

Issue/Introduction

After upgrading the EEM Server to EEM 12.6.4.0, customers using secure LDAP (LDAPS) with a CA certificate in an EEM server running on Linux will not be able to perform security checks from AutoSys.

LDAP bind fails when AD is configured in EEM with LDAPS and also AD certificate is configured for Server certificate validation.

Environment

EEM Release : 12.6.4

Linux Only

Cause

Hostname validation functionality has been removed from OpenLDAP 2.4.59. As a result, the LDAP bind fails when the AD certificate is configured.

Resolution

Procedure to check whether EEM is configured with LDAPS/LDAP+TLS with a CA certificate:

1. Log in to CA EEM UI as EiamAdmin.
2. On the Configure tab, click User Store.
3. In the User Store section, click User Store. The Directory Information pane appears on the User store Configuration page.
4. Click the name of the external LDAP directory. The LDAP Directory Configuration page appears.
5. Check the protocol in the Connection Settings.

If the protocol is LDAPS or LDAP+TLS with a non-empty CA Certificate Path, you need to apply solution 99111664.

The link to Patch# 99111664 is as follows:

https://support.broadcom.com/web/ecx/solutiondetails?aparNo=99111664&os=MULTI-PLATFORM