Configuring an Active Directory in the agent
Each agent must be associated with at least one Active Directory.
See below for the required parameters.
Domain Name
The name of the root domain of the Microsoft Active Directory forest that was used when Preparing the Active Directory forest for WSTEP.
If an Active Directory with the same name exists and is linked to another agent, the wizard will display an error message.
If an Active Directory with the same name exists but is not linked to another agent, the wizard will display a confirmation request to load the Active Directory configuration.
The value used for the domain name should not be an IP address, nor should it be the FQDN of a domain controller.
Username
The user logon name obtained when Creating a PKIaaS WSTEP Service Account. This parameter supports the two formats described in:
https://learn.microsoft.com/en-us/windows/win32/secauthn/user-name-formats
For example:
mydomain\john.smithjohn.smith@mydomain.comPassword
The password selected when Creating a PKIaaS WSTEP Service Account.
DNS
The DNS of the Active Directory you configured in Preparing the Active Directory forest for WSTEP. Use the following syntax to set this value.
<machine>:<port>Where
<machine> is the domain name or IP address of the DNS server.
<port> is the port of the DNS service.
Certificate Authority
The Certificate Authority you configured in Configuring an Entrust PKIaaS issuing CA for WSTEP.
LDAPS Trusted Certificates
The root CA certificate of the LDAPS TLS certificates chain. The PKIaaS Virtual Machine will use this root CA certificate for validating connections with the Active Directory LDAPS service. Click Add Certificate to import one or more root CA certificates.
See Setting up LDAPS on domain controllers for how to configure the LDAPS TLS certificates.