000022623 - Definition of 'cleartrust.data.ldap.directory.activedirectory.ssl.use'

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022623
Applies ToMicrosoft Active Directory
RSA ClearTrust 5.0
RSA ClearTrust 5.0.1
IssueDefinition of "cleartrust.data.ldap.directory.activedirectory.ssl.use"
Comment in configuration file states:
    # SSL setting to the LDAP server
    # Is the connection to LDAP server with SSL ON or OFF? If it's not
    # set, then default to ON.
Documentation states the following:
    Description: This parameter specifies whether or not communications between your
    LDAP directory server and the RSA ClearTrust Entitlements and Authorization
    Servers should be over LDAPS (SSL encrypted).
    Allowed Values: yes|true or no|false
CauseThis is an error in the documentation
ResolutionThis parameter should behave identically to the cleartrust.data.ldap.directory.iplanet.ssl.use parameter. The allowed values associated with this parameter are as follows:
     Clear - Cleartext - Does not allow addition of users through the Entitlements manager. This limitation is caused by Active Directory.
     Auth - Server authenticated SSL, we authenticate that the LDAP server is who he says he is. This requires the CA keystores to be set up.
Legacy Article IDa15102