Author Topic: Micollab Enable Authentication - How?  (Read 3352 times)

Offline jomitelquery

  • New Member
  • *
  • Posts: 1
  • Country: gb
  • Karma: +0/-0
    • View Profile
Micollab Enable Authentication - How?
« on: March 30, 2017, 02:35:38 PM »
Currently importing users successfully from Active Directory through the IDS however want to enable authentication so our Active Directory Server authenticate logins into Micollab. Requires enable authentication to be ticked and secure method off SSL/TLS to be ticked. However getting schannel event logs on our directory server and error within IDS indicating server cannot be contacted when secure method is selected. From reading this requires LDAPS and the use of certifcates? Correct?
What are prereqs for this to work? A Microsoft Certificate Authority to be installed on our directory server or to install the Mitel Certificate Authority on the directory server? Mitel documentation states the Mitel? If so can anyone confirm the steps required?
Many Thanks


Offline nowickj

  • Jr. Member
  • **
  • Posts: 61
  • Country: pl
  • Karma: +1/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #1 on: April 06, 2017, 03:11:35 AM »
You must have A Microsoft Certificate Authority installed on AD server. I remember that I had a strange situation with that, because after setup I could not synchronize with AD. As I came on the other day everything worked :)

Offline martyn

  • Hero Member
  • *****
  • Posts: 688
  • Country: au
  • Karma: +10/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #2 on: April 11, 2017, 12:46:14 AM »
Slight correction on the above, you need to have a certificate installed on the DC that you are synchronizing with.

You don't need to necessarily have Certificate Services installed on that particular DC, it just needs to have a certificate installed with IIS running on there.

Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #3 on: April 26, 2017, 11:04:18 PM »
Can anybody shed some light on the procedure here?
 
Where do you get it from, and where do you put it, precisely?

Offline martyn

  • Hero Member
  • *****
  • Posts: 688
  • Country: au
  • Karma: +10/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #4 on: April 26, 2017, 11:10:22 PM »
Can anybody shed some light on the procedure here?
 
Where do you get it from, and where do you put it, precisely?
Which part are you stuck on?

Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #5 on: April 27, 2017, 12:08:21 AM »
Where do I get the certificate from that goes on the AD server? Will the AD server guy know what to do with it, or do I need to give him instructions?
 
Also, slightly different issue, or maybe it's the same - when users access their MiCollab Portal it tells them there is no certificate.
The Help file for client certificates says,
 
"Manage Client Certificates
To securely authenticate connections, some applications may request a security certificate signed by the MSL server using a Mitel Certificate Authority (CA). You can manage Certificate Signing Requests (CSRs) and issued certificates using the Certificate Management panel.
To approve a CSR:
Under Security, click Certificate Management. Certificate requests waiting for approval appear under the heading Queued CSRs.
Click the Certificate ID link."
 
There is no link. Also, is this something that happens once, or once per user?
 

Offline martyn

  • Hero Member
  • *****
  • Posts: 688
  • Country: au
  • Karma: +10/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #6 on: April 27, 2017, 12:16:34 AM »
Where do I get the certificate from that goes on the AD server? Will the AD server guy know what to do with it, or do I need to give him instructions?
 
The certificate is signed by a trusted CA. Depending on the environment it could be as simple as requesting a web server certificate from the internal CA, if they have one, or could be a case of it having a publicly signed certificate by way of a wildcard or individual cert.

Quote
Also, slightly different issue, or maybe it's the same - when users access their MiCollab Portal it tells them there is no certificate.
The Help file for client certificates says,
 
"Manage Client Certificates
To securely authenticate connections, some applications may request a security certificate signed by the MSL server using a Mitel Certificate Authority (CA). You can manage Certificate Signing Requests (CSRs) and issued certificates using the Certificate Management panel.
To approve a CSR:
Under Security, click Certificate Management. Certificate requests waiting for approval appear under the heading Queued CSRs.
Click the Certificate ID link."
 
There is no link. Also, is this something that happens once, or once per user?
By default the MSL will use a self signed certificate. Because clients don't trust this they will receive an error when they go to the user portal. To stop this from happening you either need to load the cert in to the trusted certificates store on each system (either manually or via GPO), or generate a CSR on the server and have it signed by a trusted CA.

I am guessing by this that you are trying to complete an install for a customer? Are you trained and certified on MiCollab & MSL and understand how SSL certificates and Microsoft environments work?

Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #7 on: April 30, 2017, 07:14:01 PM »
I guess what has me confused is that the instructions for enabling AD authentication talk about installing a certificate and that step in the help file links to the help page about installing certificates for clients, which I am realising has nothing to do with AD authentication.

Offline johnp

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2201
  • Country: us
  • Karma: +66/-0
    • View Profile
Re: Micollab Enable Authentication - How?
« Reply #8 on: May 01, 2017, 11:01:32 PM »
The instructions are wrong.


 

Sitemap 1 2 3 4 5 6 7 8 9 10