How to get the plug-in work using regular LDAP on port 389

  • Gaurav
    # 5 years, 9 months ago

    Hi Brian,

    This needs to be the certificate of your LDAP Server which you need to provide to us. It is best you create your CSR (based on your server, location, etc.) and generate an SSL certificate based on that.

    Thanks and regards,
    Gaurav

    Brian
    # 5 years, 9 months ago

    Here is the certificate. I zipped the file so I could email it. If you need anything else, please let me know.
    Thanks,
    Brian

    Gaurav
    # 5 years, 9 months ago

    Hi Brian,

    Thanks for the certificate. I will try to connect through our test instance and see if the connection works.

    Thanks and regards,
    Gaurav

    Gaurav
    # 5 years, 9 months ago

    Hi,
    I was trying the connection to the DC from our test instances. Have you enabled access to the DC over port 636 to our production IPs alone? If that is the case, please enable it over our test instances so we can test there and then move to production. It currently fails through our test instances (even telnet fails).

    IP Addresses:

    1) xx.xxx.xxx.xxx
    2) xx.xxx.xx.xxx

    Thanks and regards,
    Gaurav

    Brian
    # 5 years, 9 months ago

    It's a managed firewall managed by our internet provider. This is the request I sent and they have performed: Can you try it from these IP addresses?

    Allow incoming requests from hosts – xx.x.xxx.xxx and xx.x.xxx.xxx by a firewall rule for the port 389 (636 for SSL or ldaps) on LDAP Server.

    Brian

    Gaurav
    # 5 years, 9 months ago

    Hi Brian,

    I won’t be able to test this out on production servers since this is a server-level configuration and changes to the production servers may affect other customers. Let me know when access to our production IP Address is allowed and I will do the test and update you on the status.

    Thanks and regards,
    Gaurav

    Brian
    # 5 years, 9 months ago

    Level 3 has added those 2 IP addresses to the policy that allows port 636.

    Brian

    Gaurav
    # 5 years, 9 months ago

    Hi Brian,
    The connection with our test instances seems to work. I want to do an end-to-end authentication to verify the connection before moving the certificates over to production. Can I get the following:
    1) Service Account Distinguished Name
    2) Service Account Password
    3) Test Credentials (Windows username and password) with which to verify the connection.

    Thanks and regards,
    Gaurav

    Brian
    # 5 years, 9 months ago

    Due to our internal control policies, I can’t give that information out. Can I test it from our website now, and will it work?

    Brian

    Gaurav
    # 5 years, 9 months ago

    Hi Brian,

    We have created an account for you. You will receive the password in your email.

    You can use the link below to log in.
    https://test.miniorange.in
    username: br.test@abc.net

    You can go to the “Identity Source” tab and add an LDAP identity. Also, you will see a test configuration button after you save your configuration.
    The next step is that we will set up your LDAPS certificate on our production, and you can configure the LDAP plugin in WordPress after that. I will let you know once done.
    Let us know if you run into any issues.

    Thanks,
    Gaurav

    Brian
    # 5 years, 9 months ago

    I was able to test it successfully using 2 different Active Directory accounts so I think we are good to go. Thanks so much for your help on getting this resolved!

    When can we expect this to be live? Also, what do I need to change in the WordPress plug-in to utilize your servers for authentication?

    Thanks,
    Brian

    Gaurav
    # 5 years, 9 months ago

    Brian,
    We have updated your certificates. You can configure it now with the plugin below.

    Active Directory Integration for Cloud


    You will need to sign up or log in using an existing miniOrange account and add the LDAP configuration inside the plugin itself.

    Let us know how it goes.

    Thanks,
    Gaurav

    Brian
    # 5 years, 9 months ago

    Done. Thanks again.

    Brian
