Configure LDAPS connection to a domain
Follow the steps below to configure ESET PROTECT Virtual Appliance to connect to Active Directory via LDAPS.
Prerequisites
•Set up LDAPS on the Domain Controller—Ensure to export the DC Certification Authority public key.
•Ensure Kerberos is correctly configured on your ESET PROTECT VA
Enable LDAPS on ESET PROTECT VA
1.Open virtual machine's terminal window with ESET PROTECT VA.
2.Log in to the management mode by typing your password (specified during ESET PROTECT VA configuration) and pressing Enter twice.
3.Select Exit to terminal using the arrow keys and then press Enter.
4.Stop the ESET PROTECT Server service:
systemctl stop eraserver
5.Type the following command:
nano /etc/systemd/system/eraserver.service
6.Add the following line to the [Service] section:
Environment="ESMC_ENABLE_LDAPS=1"
7.Press CTRL+X and type Y to save the file changes. Press Enter to exit the editor.
8.Run the following command to reload the configuration:
systemctl daemon-reload
9.Start the ESET PROTECT Server service:
systemctl start eraserver
10. Copy the certificate file you generated on the Domain Controller to the following location on your ESET PROTECT VA Server:
/etc/pki/ca-trust/source/anchors/
11. Run the following command:
update-ca-trust