Update LDAP Bind Connection

Sometime you may have a need to update your LDAP bind connection, such as when the domain controller you are bound to is decommissioned.

To update the LDAP bind connection,

First figure out which service is using ldap bind.  To do that, go to http(s)://<server>:<port>/ssoconfig/SSOCfgInfoServlet.  Make a note of the service name displayed on the page.

Next, log into ssoconfig and export that service:

Now, open the file you just exported.  Update the OVERRIDE attribute to “true”.  Update the “PROVIDER” element to the new server and port.

Next, upload your updated file into ssoconfig.  The syntax is ssoconfig -l <password> <full file path>

For example:

Ssoconfig data is stored in the security cache, so you will need to recycle your system for this change to take effect.

NOTE: If you need to change the credentials for the domain controller, this will be an extra process.  You will need to update the service associated with your LDAP bind.  This is most likely your SSOP_BIND service.  You can look under privileged identities in Lawson Security, check for a “DEFAULT” key associated with your ldap bind user.  That is your LDAP bind service.

To update the credentials for this service, log into ssoconfig and select Manage privileged access to services > Change existing identity.  Enter the service that you noted above.  Enter the correct user DN.  Enter the password.

Recycle Lawson.