VERIFIED SOLUTION i

EngageOne LDAP questions

Product Feature: Administration

 
Question#1:Can EngageOne reference LDAPS (LDAP with SSL)? If so, which keystore does this application looks for certs? 
Answer : Yes, EngageOne can use LDAPS. It cannot be done during install and has to be configured manually afterwards in the config-settings.xml file.
The certificate will have to be imported from the LDAP server and placed in whichever keystore is required for the relevant application server.
The procedure for Jboss is well documented on the web and a quick Google should find it.
Other application servers will have their own procedure for dealing with certificates and should be handled by the administrator.
 
 
 
Question#2: Does EngageOne support LDAP load balancer or does it require to talk to the server directly? If so, how should the load balancer and port be referenced? 
Answer : LDAP load balancer is not supported, I believe, but you can add multiple hosts to the LDAP configuration in the config-settings.xml

Some follow-up questions for #2, about how to enter the multiple LDAP servers:

I see the following entries:
<setting>
<key>LDAP.Port</key>
<value>389</value>
</setting>
<setting>
<key>LDAP.Host</key>
<value>ldapservername</value>
</setting>

2. Assuming the same port, would we just enter multiple instances for the LDAP.Host setting, such as?
<setting>
<key>LDAP.Port</key>
<value>389</value>
</setting>
<setting>
<key>LDAP.Host</key>
<value>ldapservername1</value>
</setting>
<setting>
<key>LDAP.Host</key>
<value>ldapservername2</value>
</setting>

3. If one LDAP host is not available, would EnageOne & WAS automatically try the secondary host, or is it a manually fail over?
 
Answer: Unfortunately you can only enter 1 value for LDAP. I have asked about this in the past but It would need to be a product management call to get this feature added.
 
UPDATED:  April 12, 2017