For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mnb_63148's avatar
mnb_63148
Icon for Nimbostratus rankNimbostratus
May 08, 2014

ldapsearch string

Is anyone familiar with the correct syntax for an ldapsearch query? I am trying to set up Remote AD authentication on the LTM, but it is not working. When I run the ldapsearch string, it returns the ...
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
May 09, 2014

Any idea how to perform an ldapsearch for secure LDAP that requires a root certificate? Or if not an ldapsearch, how to configure secure LDAP in the GUI?

Command line LDAPS requires a minor change:

-H ldaps://x.x.x.x:y

For remote AD auth, if you can get the above LDAPS command linie to work, and you can do remote AD auth with LDAP 389, then in the GUI you should only have to:

  1. Change the port to 636

  2. Enable SSL

  3. Apply an SSL CA Certificate - this is the CA certificate that issued the server's cert. If there are multiple CA's in that path (ie. CA -> subordinate CA -> server), then you need all of the CAs in that path, copied in PEM (Base64) format to a text file, and then uploaded as a "bundle" cert.

  4. You only need the SSL client certificate and key if the server requires a client certificate from the client.