To increase security, DataIQ can authenticate Active Directory (AD) users by using Secure Lightweight Directory Access Protocol (LDAPS). LDAPS is preferred over LDAP because LDAPS does not send sensitive data unencrypted through the network. To use LDAPS with DataIQ, you need a TLS certificate, with TLS version 1.2 or greater.
Steps
Copy the public TLS certificate from the AD server to the DataIQ server, for example, to /opt/dataiq/bin/ldapwin.cer.
Add the TLS certificate to DataIQ using the certificate filename. Example:
sh svc_dataiq_add_cert_for_ldap_to_truststore.sh ldapwin.cer
When the script has run successfully, the output shows Keycloak is restarted. Example:
statefulset.apps/keycloak restarted
After a few minutes, verify that the pod, keycloak-0 , is running. This pod allows DataIQ to use the authentication provider over LDAPS.
dataiq status
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\