Azure LDAPS Setup

  1. To connect to the Azure LDAPS server, start by importing the certificate. For instructions, click here.
  2. Open the AzureCertificate.pfx and run the Certificate Import Wizard:
    1. Choose Local Machine and click Next
    2. Select path where the certificate should be saved
    3. Enter password
    4. Select Auto Mode and click Finish
  3. Export your secure LDAP certificate and convert it to a .cer file. For instructions on how to do this, click here.
  4. IMPORTANT: be sure to replace steps 12-14 (inclusive) with the following:

    1. At step 12, select No, do not export the private key.
    2. At step 13, select either the first or second option (ending in .CER).
    3. Step 14 is not relevant – skip to step 15.

  5. Upload the certificate to the Azure Server. For instructions, click here.
  6. Open 'Command Prompt' and use 'keytool' to import the certificate to Java.
    1. Enter the path to the keytool and enter the command in the example below. Note that the keytool is located within the bin folder in the Java directory (for example, C:\Program Files\Pyramid\java\bin).

      Example:

      For a version of Pyramid upgraded from version 1, 2, or 3:

      keytool -keystore "C:\Program Files\Pyramid\java\bin\lib\security\cacerts" -import -alias certificate -file "[saved-path]\[certificate-name].cer"

      For a new install of Pyramid:

      keytool -keystore "C:\Program Files\Pyramid2018\java8\jre\bin\lib\security\cacerts" -import -alias certificate -file "[saved-path]\[certificate-name].cer"

      IMPORTANT

      Be aware of the difference between the two examples above, and use the appropriate option. Depending on which option is relevant to you, there may or may not be a space in "Pyramid".

      NOTE:

      Saved-path – the location where the AzureCertificate.pfx was saved in step 2.

      Certificate-name – the name that the certificate was saved as.

    2. Next, press Enter, enter the password (the default password is 'changeit'), and press Enter again.
    3. Next, under Trust this computer, enter 'y' and press Enter.
  7. Add the domain service to the hosts file, using your secure LDAP external IP address and domain name:

    [secure LDAP external ip address] [dns domain name]

  8. In the Admin Console in Pyramid, open the Authentication tab in Access. Under Provider, select Azure Active Directory and enter the required details.
  9. Restart the Runtime Engine.
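
To confirm that the truststore entry created in step 6 is the same certificate you exported in step 3, you can read the entry back and compare SHA-256 fingerprints. The PowerShell script below is an added example, not part of the Pyramid documentation; the script name, the parameter names and the read-back with keytool -list -rfc are choices made for this example.

```powershell
# Added example: verify the truststore import from step 6.
# Hypothetical usage (substitute the paths you used in step 6):
#   .\Test-TruststoreImport.ps1 -CerPath "[saved-path]\[certificate-name].cer" `
#       -KeytoolPath "<java bin folder>\keytool.exe" -KeystorePath "<path to cacerts>"
param(
    [Parameter(Mandatory)] [string] $CerPath,       # .cer file exported in step 3
    [Parameter(Mandatory)] [string] $KeytoolPath,   # keytool.exe in the Pyramid Java bin folder
    [Parameter(Mandatory)] [string] $KeystorePath,  # cacerts file named in the step 6 command
    [string] $Alias     = 'certificate',            # alias used in the step 6 command
    [string] $StorePass = 'changeit'                # default keystore password noted in step 6
)
$ErrorActionPreference = 'Stop'

function Get-Sha256Hex([byte[]] $Bytes) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try { ([BitConverter]::ToString($sha.ComputeHash($Bytes))) -replace '-', '' }
    finally { $sha.Dispose() }
}

# Load the exported file. RawData is the DER encoding whether the file is DER or Base-64.
$cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
    -ArgumentList (Resolve-Path $CerPath).Path
if ($cer.HasPrivateKey) {
    throw "$CerPath carries a private key; re-export it without the private key."
}

# Read the stored entry back in PEM form (-rfc). stderr is not redirected, so keytool
# warnings do not turn into terminating errors under ErrorActionPreference = Stop.
$listing = & $KeytoolPath -list -rfc -keystore $KeystorePath -storepass $StorePass -alias $Alias |
    Out-String
if ($LASTEXITCODE -ne 0) { throw "keytool could not read alias '$Alias' from $KeystorePath" }
if ($listing -match '(?s)-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----') {
    $storedDer = [Convert]::FromBase64String(($Matches[1] -replace '\s', ''))
} else {
    throw "Alias '$Alias' did not return a certificate."
}

$fileFp   = Get-Sha256Hex $cer.RawData
$storedFp = Get-Sha256Hex $storedDer
[pscustomobject]@{
    Subject      = $cer.Subject
    NotAfter     = $cer.NotAfter      # expiry date; the import must be repeated after renewal
    FileSha256   = $fileFp
    StoredSha256 = $storedFp
    Match        = ($fileFp -eq $storedFp)
}
if ($fileFp -ne $storedFp) { throw "Alias '$Alias' holds a different certificate than $CerPath." }
```

A mismatch usually means the alias already existed in cacerts or the command was run against the other Java installation's keystore.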