5.15.3 Procedure for changing an LDAP environment to an LDAPS environment

The following describes the procedure for changing the settings of Navigation Platform so that LDAPS is used for user authentication instead of LDAP.

To use LDAPS, you must prepare a CA certificate before starting the following procedure.

Important

Note the following points when performing the procedure to change an LDAP environment to an LDAPS environment:

• Back up the keystore file ("%UCNP_HOME%\PP\uCPSB\jdk\lib\security\cacerts"), if necessary.

• If the message "Enter the keystore password" appears during the following procedure, enter the keystore password.

• For details about the keystore password, see 5.15.1 Procedure for registering or updating a CA certificate in the keystore.

1. Registering or updating a CA certificate in the keystore

   Refer 5.15.1 Procedure for registering or updating a CA certificate in the keystore, and register or update the CA certificate in the keystore.

2. Edit the settings file.

   Open the "%UCNP_HOME%\conf\ucnp_setup_user.properties" file, and then edit the values of the following items.

   - Required items: These items must be set if you want to use LDAPS.

   • ucnp.setup.server.ldap.directory.kind

     For LDAPS, specify AD.

   • ucnp.setup.server.ldap.protocol

     For LDAPS, specify ldaps.

   • ucnp.setup.server.ldap.hostname

     Specify the host name including the domain name of the connection destination LDAPS server.

   • ucnp.setup.server.ldap.port

     For LDAPS, specify the LDAPS wait port (default: 636) for AD.

   - Optional items: Set these items if the values in the file differ from the default values.

   • ucnp.setup.server.ldap.java.naming.security.principal

   • ucnp.setup.server.ldap.java.naming.security.credentials

   • ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.basedn

   • ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.attr.userid

   • ucnp.setup.server.ldap.com.cosminexus.admin.auth.ldap.attr.password

   • ucnp.setup.server.ldap.group.basedn

   For details about each property, see 8.3 Specifying settings in the user setup property file (ucnp_setup_user.properties).

3. Use the npunsetup command (unsetup) to perform unsetup of Navigation Platform.

   Command path

   Navigation-Platform-installation-directory\bin\npunsetup

4. Execute the npsetup command (setup) to set up Navigation Platform.

   Command path

   Navigation-Platform-installation-directory\bin\npsetup

To Page Top