Cryptzone Support

 
If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here

 

Article

Setting_up_AD_Active_Directory_for_TLS_to_allow_for_Password_changing

« Go Back

Information

 
Article Number000001070
Article

Active Directory will not allow passwords to be updated unless the LDAP communication is encrypted.

The standard method of encrypted LDAP communication is TLS/SSL. To make the AD TLS/SSL capable a certificate must be generated. If you have a CA the the following needs to be done:

Windows 2012R2:

At the end run a gpupdate.

Pre Windows 2012:

  1. Got to Start->Programs->Administrative Tools->Domain Security Policy.
  2. Go to Security Settings->Public Key Policies->Automatic Certificate Request Settings , right click and select New Automatic Certificate Request.
  3. Select Domain Controller from the window, then select your CA.

If you do not have a CA the following article might be useful: http://support.microsoft.com/kb/321051

Related File 
Additional Files 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255