Install and configure directory service

Installation and configuration steps:

Install directory service

The Entrust Authority Security Manager requires an LDAP (Lightweight Directory Access Protocol) compliant directory service or a third-party LDAP-compliant X.500 directory. A remote OpenLDAP directory service with a self-signed certificate was used in this integration. See PSIC-Entrust Authority Security Manager x for the list of directory services supported.

  1. Install the required directory service.

  2. Add the following firewall rule if accessing a directory in another server:

    firewall-cmd --add-port=389/tcp

Configure directory service

The Entrust Authority Security Manager directory schema configuration is described in Entrust Authority Security Manager 10.0 Documentation Suite - Issue x.

  1. Implement the configuration corresponding to your directory service.

    The following directory service parameters are used in this integration:

    • Top Level DN: dc=entrustsm,dc=local

    • CA Directory Location: ou=CAentry,dc=entrustsm,dc=local

    • Director Administrator: cn=EntrustAdmin,ou=CAentry,dc=entrustsm,dc=local

    • First Officer: cn=FirstOfficer,ou=CAentry,dc=entrustsm,dc=local

  2. Test access to the directory services:

    % C:\OpenLDAP\ClientTools\ldapsearch -x -h  ldap://<Name_or_IP>  -D "cn=EntrustAdmin,ou=CAentry,dc=entrustsm,dc=local" -b "cn=EntrustAdmin,ou=CAentry,dc=entrustsm,dc=local" -s sub -W
    Enter LDAP Password: ***********
    # extended LDIF
    #
    # LDAPv3
    # base <cn=EntrustAdmin,ou=CAentry,dc=entrustsm,dc=local> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #
    
    # EntrustAdmin, CAentry, entrustsm.local
    dn: cn=EntrustAdmin,ou=CAentry,dc=entrustsm,dc=local
    objectClass: top
    objectClass: person
    objectClass: organizationalPerson
    objectClass: inetOrgPerson
    uid: entrustadmin
    sn: Administrator
    userPassword:: e1NTSEF9dll6U0huV2w3Wm90MFJPTTFDbVhzVjIycHhyckkvREw=
    description: Security Manager Directory Administrator
    cn: EntrustAdmin
    
    # search result
    search: 2
    result: 0 Success
    
    # numResponses: 2
    # numEntries: 1