Issue
This KB explains how to connect Active Directory via LDAPS through MID Server when you are using a self-signed certificate.
The mid server documentation states:
"Note: Internal endpoints or URLs need to possess a valid CA signed certificate for a successful connection.
For endpoints that host a self-signed certificate, either import the certificate to the MID Server truststore or disable the policy checks which validate that host. For more information about adding certificates, see Add SSL certificates for the MID Server."
Kindly follow the below steps to connect Active Directory via LDAPS through MID Serve if you are using a Self Signed Certitifcate, a CA signed certificate does not require the extra steps described below.
Step 1: As communication happens securely over SSL. As a first step need to upload the certificate to the MID Server. Please refer to the below documentation to know how to upload the certificate to the MID Server.
Add SSL certificates for the MID Server
Step 2: In Servicenow instance, navigate to System LDAP > LDAP Servers > LDAP Record (which you are going to change from LDAP to LDAPS)
Step 3: Open the LDAP server form, in the LDAP server URL, change the URL from LDAP to LDAPS and port 389 to 636 (Default port).
Step 4: If you are creating a new LDAP server, whenever you select the MID Server then the SSL flag (which is in the form) will set to false by default. Kindly ignore this behavior.
As we have already done the changes in the connection URL communication happens through LDAPS only.
Sample Image of LDAPS connection URL and SSL flag
Release
All Releases
