![]() ![]() When Pexip Infinity connects successfully to the LDAP server, the support log will contain an entry similar to this: Connectivity error messages and using the support logĭiagnostic information is also recorded in the support log ( Status > Support log). If multiple addresses are returned by SRV lookups, the system will attempt to connect to each address in priority order. Only TLS connections are attempted as a result of _ldaps lookups. If the TLS connection attempt fails, the system will then attempt a TCP connection, but only if Allow insecure transport is enabled. When a DNS lookup is successful, the system will first attempt to establish a TLS connection with the server at the returned address. ![]() Perform a DNS SRV lookup against _ldap._tcp.Perform a DNS SRV lookup against _ldaps._tcp.If the LDAP server address is configured as an IP address, the system will connect directly to the given address, otherwise it treats it as a domain or FQDN and attempts to resolve the address via DNS lookups in the following sequence: Requests to search the Active Directory Global Catalog use ports 3268 (TCP) and 3269 (TLS). The system will connect to the port returned by an SRV lookup, otherwise it will connect to 389 (TCP) or 636 (TLS). In addition, the resolved LDAP server address must match the CN (common name) contained within the certificate presented by the LDAP server. the LDAP server’s certificate must be signed by an authority within the Pexip Infinity trusted CA certificates store. To establish a TLS connection, the Pexip Infinity platform must trust the certificate presented by the LDAP server i.e. If that fails it may fall back to a TCP connection if allowed. The system always tries in the first instance to set up a TLS connection with the LDAP server. When resolving the LDAP server address, the system supports DNS SRV and DNS A/AAAA lookups. Note that all LDAP distinguished names must be entered as per the LDAP standard ( RFC 4514). This section explains how Pexip Infinity connects to the LDAP server, and provides guidance on how to troubleshoot connection problems. authenticate and authorize the login accounts that are allowed to connect to the Pexip Infinity Administrator interface or the Pexip Infinity API.bulk-provision individual Virtual Meeting Rooms or devices for every member of the directory.Pexip Infinity can be configured to connect to a Windows Active Directory LDAP server, or any other LDAP-accessible database, in order to: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |