Azure Active Directory for Secure LDAP Authentication
You can import users from Azure Active Directory (Azure AD) into an LDAP security domain.
Azure Active Directory Domain Services provides a secure LDAP public IP address that you use to import user accounts from Azure Active Directory into an LDAP security domain. Users you import can use their LDAP credentials to log in to Informatica nodes, services, and applications that run on virtual machines in an Azure Active Directory managed domain.
You must enable Secure Lightweight Directory Access Protocol (secure LDAP) authentication in Azure Active Directory Domain Services to authenticate Informatica users.
Complete the following steps to prepare to import user accounts from Azure Active Directory into an Informatica domain:
Verify that port 636, which is the Azure Active Directory secure LDAP port, is accessible through your firewall.
Enable secure LDAP authentication in Azure Active Directory Domain Services.
You use the Azure portal to enable secure LDAP in Azure Active Directory Domain Services. For information about configuring secure LDAP in Azure Active Directory Domain Services, see the following link:
When you configure the secure LDAP certificate in Azure Active Directory Domain Services, ensure that the Subject name on the certificate is the Fully Qualified Domain Name (FQDN) of Azure Active Directory.
Convert the secure LDAP certificate from the PFX format to the PEM format. Java requires that the certificate be in the PEM format.
Import the certificates used by all domain nodes into the Java cacerts truststore file in the following directory on a single gateway node in the domain:
Copy the cacerts file that contains the imported certificates to the same directory on every other gateway node in the domain.
Add the Azure Active Directory public IP address and the Fully Qualified Domain Name (FQDN) of Azure Active Directory to the /etc/hosts file on each gateway node in the domain. Use the following format:
<Azure Active Directory host IP address> ldaps.<FQDN of Azure Active Directory>
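The preparation steps above, scripted as an added example that is not Informatica's or Microsoft's own tooling; the PFX password, truststore password, keystore alias, gateway hostnames and file paths are assumed inputs:

```shell
#!/bin/sh
# Added example, not Informatica or Microsoft tooling. Assumed inputs: the PFX
# exported from Azure AD DS and its password, the AD DS FQDN, the secure LDAP
# public IP, and the gateway node's Java cacerts path with its store password.
set -eu

# Convert the PFX to PEM (certificate only; Java needs no private key here).
pfx_to_pem() {                      # $1 = in.pfx  $2 = out.pem  $3 = PFX password
    openssl pkcs12 -in "$1" -out "$2" -nokeys -passin "pass:$3"
}

# The Subject CN on the secure LDAP certificate must be the AD DS FQDN.
# Returns 0 when it matches, 1 otherwise.
cert_cn_matches() {                 # $1 = cert.pem  $2 = expected FQDN
    cn=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 \
         | sed -n 's/.*CN=\([^,]*\).*/\1/p')
    [ "$cn" = "$2" ]
}

# Import the PEM into the Java cacerts truststore on one gateway node
# (alias "azure-adds-ldaps" is an assumed, arbitrary name).
import_into_cacerts() {             # $1 = cert.pem  $2 = cacerts path  $3 = store password
    keytool -importcert -noprompt -trustcacerts -alias azure-adds-ldaps \
        -file "$1" -keystore "$2" -storepass "$3"
}

# Copy that cacerts file to the same path on every other gateway node.
copy_cacerts() {                    # $1 = cacerts path  $2.. = other gateway hostnames
    src=$1; shift
    for node in "$@"; do scp "$src" "$node:$src"; done
}

# The /etc/hosts line in the "<IP> ldaps.<FQDN>" format the page gives.
hosts_entry() {                     # $1 = secure LDAP public IP  $2 = AD DS FQDN
    printf '%s ldaps.%s\n' "$1" "$2"
}

# End-to-end check: port 636 is reachable and the served chain validates
# against the PEM we imported (partial chain, so the leaf alone is accepted).
verify_ldaps() {                    # $1 = ldaps host (ldaps.<FQDN>)  $2 = cert.pem
    openssl s_client -connect "$1:636" -servername "$1" -CAfile "$2" -partial_chain \
        </dev/null 2>/dev/null | grep -q 'Verify return code: 0 (ok)'
}
```

Run the functions in order on one gateway node and append the `hosts_entry` output to /etc/hosts on each gateway before calling `verify_ldaps`.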