I’d like to connect to our Active Directory Server using the ‘Secure’ option in VMTurbo. How do I achieve this?
First the Domain itself has to be configured to use LDAPS. Please refer to Microsoft documentation on how to configure LDAPS.
In this document we will be using a Windows 2008R2 Domain, with the Enterprise CA Role installed on the Domain controller. This configuration enables LDAPS automatically.
- Save the SSL Certificate information from your LDAPS Server to a .CER file. (One way to accomplish this is to view the certificate properties and use Save As.. or Export to get a .CER file.)
- Now SCP (secure copy) this .CER file from the PC/Mac/etc. where you saved it to the /tmp directory on the VMTurbo appliance, using the credentials: root/vmturbo
- Next open an ssh session to the VMTurbo appliance using root/vmturbo
- cd /tmp
- Run the following command: keytool -import -alias secure -file secure.cer -keystore secure.jks
- (The above example assumes you’ve saved the .CER file with the name ‘secure.cer’; replace all instances of ‘secure’ with your file name.)
- Create a keystore password if asked to do so
- cp secure.jks /etc/ssl/certs
- vi /etc/tomcat/tomcat.conf (or vi /etc/tomcat6/tomcat6.conf for pre 4.0 release)
11. Next we have to restart tomcat so it picks up the new keystore:
12. From the ssh session run:
service tomcat6 restart (for pre-4.0 versions of VMTurbo)
service tomcat restart (for 4.0+ versions of VMTurbo)
13. Now go to your web browser and login to VMTurbo
14. Go to the Admin Tab >> User Authentication
15. Add the Active Directory Server name, select the ‘Secure’ checkbox, and click the ‘Apply’ button
- Note: If you already had the Active Directory Server entered, simply check ‘Secure’ and click ‘Apply’.
16. Now add a user from this domain, selecting ‘Type’ as ‘Active Directory’
17. Log out of the VMTurbo web interface
18. Log in with the new or existing domain user using domain\username
Once logged in using your AD credentials, you are connected to AD.
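Before running the keytool import step above, it is worth confirming that the .CER file that reached /tmp is the certificate the domain controller actually shows. The following is an added example, not part of the original VMTurbo procedure: it accepts either Windows export encoding (Base-64 or DER) and compares the file's fingerprint with the thumbprint read from the certificate's properties. The script name `check_cer.py`, the sample bytes, and the availability of Python 3 on the machine where you run it are assumptions.

```python
import hashlib
import hmac
import ssl
import string
import sys

# Constructed stand-in bytes, NOT a real certificate: only encoding and hashing are exercised.
SAMPLE_DER = bytes.fromhex("3082000b") + b"constructed"

def cer_to_der(data: bytes) -> bytes:
    """Return DER bytes for a .CER file in either Windows export encoding."""
    text = data.strip()
    if text.startswith(b"-----BEGIN CERTIFICATE-----"):
        # "Base-64 encoded X.509" export; CRLF line endings are tolerated.
        return ssl.PEM_cert_to_DER_cert(text.decode("ascii"))
    if data[:1] == b"\x30":
        # "DER encoded binary X.509" export: starts with an ASN.1 SEQUENCE tag.
        return data
    raise ValueError("not a PEM or DER certificate file")

def fingerprint(der: bytes, algo: str = "sha1") -> str:
    """Colon-separated upper-case hex, the layout keytool -list -v prints."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def matches_thumbprint(cer_bytes: bytes, expected: str) -> bool:
    """Compare the file against a thumbprint read from the certificate dialog."""
    # Keep hex digits only: drops spaces, colons and invisible characters
    # that can come along when the value is copied from a Windows dialog.
    wanted = "".join(c for c in expected if c in string.hexdigits).upper()
    algo = {40: "sha1", 64: "sha256"}.get(len(wanted))
    if algo is None:
        raise ValueError("expected a SHA-1 or SHA-256 thumbprint")
    actual = fingerprint(cer_to_der(cer_bytes), algo).replace(":", "")
    return hmac.compare_digest(actual, wanted)

if __name__ == "__main__":
    # Usage (hypothetical script name): python3 check_cer.py /tmp/secure.cer "<thumbprint>"
    # With no arguments, prints the fingerprint of the constructed sample instead.
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as fh:
            ok = matches_thumbprint(fh.read(), sys.argv[2])
        print("thumbprint match" if ok else "MISMATCH: do not import")
        sys.exit(0 if ok else 1)
    print("SHA1:", fingerprint(SAMPLE_DER))
```

After the import, `keytool -list -v -keystore secure.jks` should report the same fingerprint for the `secure` alias.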