Skip to main content

Appendix E: Active Directory with SSL

There are two cases addressed here. The first case considers how to configure PK Protect with AD and SSL on a fresh install. The second case addresses how to change the authentication method on an existing installation.

CASE 1

Step 1: First install the build.

Step 2: After installing the build, give the path of the keystore and password (in encrypted format) in “DgConnection.properties” file.

/opt/Dataguise/DgSecure/tomcat9/webapps/dgcontroller/WEB-INF/classes/com/dataguise/hibernate/DgConnection.properties

Step 3: Update below mentioned properties in “DgConnection.properties” files.

postgresTrustedStoreLocation = /opt/Dataguise/DgSecure /DgCertificate/DgTestCertificate.jks

postgresTrustedStorePassword =40z/H6qLk8eSl09PKlyLfg==

By default, “dataguise” encrypted password is mentioned in above mentioned property.

Step 4: We can encrypt the “postgresTrustedStorePassword” using dgcl with the below mentioned command:

encrypt "dataguise";

Step 5: Restart tomcat service.

Step 6: Open Admin page for installing the license.

Step 7: After the license is installed, enter Secure AD detail.

For LDAPS protocol default port is 636. For LDAP protocol default port is 389

Step 8: Now, enter the user details in next page.

Now, you can successfully log into PK Protect with Secure Active Directory details.

CASE 2

Step 1: First install the build

Step 2: After installing the build, give the path of the keystore and password (in encrypted format) in “DgConnection.properties” file.

/opt/Dataguise/DgSecure/tomcat9/webapps/dgcontroller/WEB-INF/classes/com/dataguise/hibernate/DgConnection.properties

 

Step 3: Update below mentioned properties in “DgConnection.properties” files.

postgresTrustedStoreLocation = C\:\\Program Files\\Dataguise\\DgSecure\\DgCertificate\\DgTestCertificate.jks

postgresTrustedStorePassword =40z/H6qLk8eSl09PKlyLfg== 

By default, “dataguise” encrypted password is mentioned in above mentioned property. 

Step 4: We can encrypt the “postgresTrustedStorePassword” using dgcl with the below mentioned command:

encrypt "dataguise"; 

Step 5: Restart tomcat service

Step 6: Go to Admin >Authentication page” and update the new AD details.

For LDAPS protocol default port is 636. For LDAP protocol default port is 389. 

Step 7: If we are using the secure AD, then we must check “Directory Service” checkbox from Admin > Settings page.

When we checked the Directory Service checkbox then “LDAPS” protocol value saved in backend. If user did not check the Directory Service checkbox, then “LDAP” protocol value saved in backend. 

Step 8: Go to Admin > Users, and add/update Active Directory user details.

Step 9:  Restart the tomcat service.

Step 10: Now login with updated authentication method or with new user details.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.