2 Replies Latest reply on Feb 2, 2017 6:06 AM by rkrichevskiy

    Non-persistent LDAP client

    rkrichevskiy Enthusiast

      Looking at sample workflows that came with AD plugin 3.0.2. Are they compatible with LDAPS? I couldn't get it to connect with SSL. Throws java.net.SocketException: Connection reset. Default LDAP works fine though, and LDAPS from another (non-orchestrator) machine works with the same remote. Any clues where I can look further?

        • 1. Re: Non-persistent LDAP client
          igaydajiev Expert
          VMware Employees

          If you take a look at the "Non-persistent LDAP client" sample workflow you will see that it is using

                  ldapClient = LdapClientFactory.newLdapClient(host, port, username, password, false);

          The last parameter of the newLdapClient() method, according to the documentation, is actually "useSSL" and in the sample workflow it is hard-coded to false.

          But it can be easily reworked. You can take a look at the attached workflow for an example.

          There are 2 changes applied.

          1. An additional workflow input, useSSL, is added and its value is provided to the scripting

                       LdapClientFactory.newLdapClient(host, port, username, password, useSSL);

          2. The "Port" value is set to 636 for an SSL connection and to 389 for a non-SSL connection (default ports for an Active Directory server)

           

          Note that you also need to import the LDAPS server certificate into the vRO trust store if it is not yet there. This can be achieved with the "Import a certificate from URL" workflow.
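
Added example (not part of the reply above or of the attached workflow): a scriptable-task style helper that derives the port from useSSL and rejects the mismatched default pairs before calling newLdapClient. The names resolveLdapPort and openLdapClient are hypothetical, and the factory is passed as a parameter so the logic can run outside vRO; inside vRO, pass LdapClientFactory.

```javascript
// Added example. Helper names are hypothetical; only newLdapClient(host, port,
// username, password, useSSL) comes from the thread. Written in ES5 style.

var LDAP_PORT = 389;   // default non-SSL port named in the reply
var LDAPS_PORT = 636;  // default SSL port named in the reply

// Return the port to connect to. With no port given, pick the default that
// matches useSSL. Reject the two combinations where a default port is paired
// with the opposite useSSL value (assumption: those are configuration errors).
function resolveLdapPort(useSSL, port) {
    if (typeof useSSL !== "boolean") {
        throw new Error("useSSL must be a boolean, got " + typeof useSSL);
    }
    if (port === null || port === undefined) {
        return useSSL ? LDAPS_PORT : LDAP_PORT;
    }
    var p = Number(port);
    if (p !== Math.floor(p) || p < 1 || p > 65535) {
        throw new Error("Invalid port: " + port);
    }
    if (useSSL && p === LDAP_PORT) {
        throw new Error("useSSL is true but port 389 is the non-SSL default");
    }
    if (!useSSL && p === LDAPS_PORT) {
        throw new Error("Port 636 expects SSL but useSSL is false");
    }
    return p;
}

// Create the client with a consistent (port, useSSL) pair.
// factory: object exposing newLdapClient (LdapClientFactory inside vRO).
function openLdapClient(factory, host, username, password, useSSL, port) {
    var effectivePort = resolveLdapPort(useSSL, port);
    return factory.newLdapClient(host, effectivePort, username, password, useSSL);
}
```
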

          • 2. Re: Non-persistent LDAP client
            rkrichevskiy Enthusiast

            I see. Thanks, this works!