Mapp Services - LDAP and certificate management

Kolma · November 9, 2023, 7:32am

When using the central user management sever feature of MpUserX, it is important to know that only the secure version of the protocol is supported LDAPs. The insecure version of it (LDAP) is not supported. The protocol is classified as obsolete and not supported by the main providers (AD from Microsoft).

When a connection is established to a central user management server, the certificate of the server needs to be validated to ensure that the server is a trusted partner. The solution today is to manually import the server certificate into the AR certificate store. The end-user would need to provide the certificate of their AD to the automation team and perform the update to the AR.

trostelc · November 9, 2023, 12:52pm

Is there any way to upload that certificate at runtime or does that have to be something that is done in AS with a transfer?

austin.carpenter · November 9, 2023, 1:32pm

The ArCert library and the file transfer system of choice (FTP, USB, CIFS, etc.) can be used to import a new certificate to the certificate store. At this time, it requires some application work to implement the best solution for the machine.

To add some details to the original post, you need to include the certificate of the Certificate Authority (CA) that signs the Active Directory’s (AD) certificate in Automation Runtime (AR).