Basic configuration for adapter-to-Active Directory SSL communication
The Active Directory Adapter can be on a domain controller or non-domain controller workstation.
Communication between the Active Directory Adapter and Active Directory is not secure. Data sent over the network is in plain text. The Active Directory Adapter uses a secure authentication method (no SSL) to identify itself to Active Directory. For this purpose, the Active Directory service form accepts a user ID and password that are used to authenticate to Active Directory.
Active Directory uses Kerberos, and possibly NTLM, to authenticate the Active Directory Adapter. When the user name and password are NULL, ADSI binds to the object using the security context of the calling thread, which is either the security context of the user account under which the application is running or the context of the client user account that the calling thread represents.
When SSL communication is set up between the adapter and Active Directory, it allows data transfer over the network in encrypted form.
- Install the AD Agent on the domain controller or on any workstation within the domain.
- Deploy the on-prem Container Components (IB, Verify Agent) using the Composed yml file.
- Create or upload the AD Profile in Verify.
- Then try creating the AD Application in Verify.
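
Before pointing the adapter at SSL, it helps to confirm from the adapter host that the domain controller accepts an encrypted bind and presents a certificate the host trusts. The following check is an added example, not part of the product or of the original page. It uses the .NET `System.DirectoryServices.Protocols` classes rather than the adapter itself; the function name `Test-AdLdapBind`, the host name `dc01.example.com` and the standard LDAP ports 389 and 636 are assumptions.

```powershell
# Added example, not product code. 'dc01.example.com' is a placeholder host name.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-AdLdapBind {
    param(
        [Parameter(Mandatory)] [string] $Server,
        [int] $Port = 636,
        [switch] $UseSsl,
        # Leave unset to bind with the security context of the account running this script.
        [System.Net.NetworkCredential] $Credential
    )
    $result = [ordered]@{ Server = $Server; Port = $Port; Ssl = [bool]$UseSsl
                          Bound = $false; NamingContext = $null; CipherBits = $null; Error = $null }
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    try {
        # Negotiate selects Kerberos and falls back to NTLM, as described above.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.SessionOptions.ProtocolVersion = 3
        $conn.SessionOptions.SecureSocketLayer = [bool]$UseSsl
        if ($Credential) { $conn.Credential = $Credential }
        # With SSL on, an untrusted or mismatched DC certificate makes Bind() throw.
        $conn.Bind()
        $result.Bound = $true
        # Read one rootDSE attribute to prove the session carries directory data.
        $req = [System.DirectoryServices.Protocols.SearchRequest]::new(
            '', '(objectClass=*)',
            [System.DirectoryServices.Protocols.SearchScope]::Base,
            [string[]]@('defaultNamingContext'))
        $resp = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)
        $result.NamingContext = $resp.Entries[0].Attributes['defaultNamingContext'][0]
        if ($UseSsl) { $result.CipherBits = $conn.SessionOptions.SslInformation.CipherStrength }
    }
    catch { $result.Error = $_.Exception.Message }
    finally { $conn.Dispose() }
    [pscustomobject]$result
}

# Encrypted bind (what the adapter needs once SSL is enabled) ...
Test-AdLdapBind -Server 'dc01.example.com' -Port 636 -UseSsl
# ... compared with the authenticated but non-SSL bind.
Test-AdLdapBind -Server 'dc01.example.com' -Port 389
```

If the first call fails with `Bound = False` while the second succeeds, the usual causes are a missing server certificate on the domain controller or a certificate chain the adapter host does not trust.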