23.2 Configuring LDAP Authentication in FIPS 140-2 Mode

To configure LDAP authentication for Sentinel servers running in FIPS 140-2 mode:

  1. Get the LDAP server certificate from the LDAP administrator, or retrieve it from the LDAP server yourself. For example, run

    openssl s_client -connect <LDAP server IP>:636

    and then copy the text returned (between but not including the BEGIN and END lines) into a file.

  2. Import the LDAP server certificate into the Sentinel FIPS keystore.

    For more information about importing the certificate, see Importing Certificates into FIPS Keystore Database.

  3. Navigate to the Sentinel Main interface as a user in the administrator role and proceed with configuring LDAP authentication.

    For more information, see LDAP Authentication Against a Single LDAP Server Or Domain in the Sentinel Administration Guide.

    NOTE: You can also configure LDAP authentication for a Sentinel server running in FIPS 140-2 mode by running the ldap_auth_config.sh script in the /opt/novell/sentinel/setup directory.
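
Step 1 as shell functions, with a fingerprint check to run before the import in step 2, because a certificate read off the network is only as trustworthy as the connection it came over. This is an added example, not part of the Sentinel documentation; the function names and the file name ldap_cert.txt are assumptions, and the expected fingerprint is one you get from the LDAP administrator.

```shell
#!/bin/sh
# Added example (not Sentinel code). Function names are hypothetical.
# Only functions are defined here; nothing contacts the network until called.

# Print the base64 body of the FIRST certificate on stdin, without the
# BEGIN/END marker lines (the text step 1 says to copy into a file).
extract_cert_body() {
    awk '
        /-----BEGIN CERTIFICATE-----/ { if (!done) inside = 1; next }
        /-----END CERTIFICATE-----/   { if (inside) { inside = 0; done = 1 }; next }
        inside { print }
    '
}

# SHA-256 fingerprint of a body-only file: re-wrap it in PEM markers so
# openssl can parse it, then keep the hex after "Fingerprint=".
cert_fingerprint() {
    {
        echo "-----BEGIN CERTIFICATE-----"
        cat "$1"
        echo "-----END CERTIFICATE-----"
    } | openssl x509 -noout -fingerprint -sha256 | cut -d= -f2
}

# Normalize a fingerprint for comparison: drop colons/spaces, upper-case hex.
normalize_fp() {
    printf '%s' "$1" | tr -d ': \n' | tr 'a-f' 'A-F'
}

# Exit status 0 only if the certificate in file $1 has fingerprint $2.
# Status 2 means openssl could not parse the file at all.
verify_cert() {
    actual=$(cert_fingerprint "$1") || return 2
    [ -n "$actual" ] || return 2
    [ "$(normalize_fp "$actual")" = "$(normalize_fp "$2")" ]
}

# Usage (run manually; ldap_cert.txt is an assumed file name):
#   openssl s_client -connect <LDAP server IP>:636 </dev/null 2>/dev/null \
#       | extract_cert_body > ldap_cert.txt
#   verify_cert ldap_cert.txt "<SHA-256 fingerprint from the LDAP administrator>" \
#       && echo "fingerprint matches, continue with step 2"
```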