- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Setting up LDAP over SSL for MS DNS management
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-16-2019 09:01 AM
Hi all,
I am just working on a design for a customer at the moment that will use the MS DNS synchronisation module, but I can't for the life of me remember if I've ever set this up using LDAP over SSL. Has anyone done it? I'm guessing I need to get the certificate for each MS DNS server I want to sync with and upload it to Infoblox, but I was wondering, can I just upload the root CA cert so Infoblox trusts any certificate the DNS servers send down?
The admin guide is a bit vague (see underlined text below), has anyone done this or can advise?
"Encryption: You can encrypt the network traffic between the Grid member and the managed Microsoft server using SSL. Select a value, None or SSL, from the drop-down list. Infoblox strongly recommends that you select SSL from the drop-down list to ensure the security of all communications between the NIOS appliance and the Active Directory server. When you select SSL, the appliance automatically updates the TCP port to 636. When you select this option, you must specify the FQDN of the Microsoft server instead of the IP address and you must upload a CA certificate from the Active Directory server. Click CA Certificates to upload the certificate. In the CA Certificates dialog box, click the Add icon, and then navigate to the certificate to upload it."
PCN (UK) Ltd
All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE