Our article “Configuring Lawson for LDAP Signing” takes you step-by-step through configuring your environment for the new LDAPS requirements being enforced by Microsoft later this year. That article discusses how to configure IFS for LDAPS, but after we got a few questions about the procedure, we decided to clarify it further.
When IFS is installed, a “Bootstrap” parameter is created to link to the root of your active directory. This parameter is only utilized to bring users from AD into Lawson. It should look something like this:
To configure IFS for LDAPS, you will need to update your Bootstrap to use the host name of one of your domain controllers, and you will also need to provide the credentials of a user that has authorization to search the AD tree. This bootstrap connection is not actually used for authentication, so it shouldn’t be a problem that you have multiple DCs. It is only used to bring users into IFS from Active Directory. As long as the user connecting to that DC has the ability to search the tree for users, you should be fine.
Your URL is going to look something like LDAP://server.company.com:636/DC=company,DC=com. Essentially, you just need to add the server name and port to the bootstrap value. Remember that the protocol is “LDAP” not “LDAPS”. To change the IFS parameters, just click into the boxes, and start typing. Click the “Save” button at the top when you are done.
To make sure your settings are working properly, click the “Test” button, and you should receive this message: