
Sunday, February 10, 2013

How to integrate Firemon with Active Directory to authenticate users


Steps that need to be followed on the Microsoft Certificate Authority









                               
                                    


Converting the .CER certificate to .DER certificate

Go to https://www.sslshopper.com/ssl-converter.html to convert the .CER certificate to .DER, as Firemon uses only .DER certificates.



Click Convert and the .DER certificate will be downloaded. The certificate is then ready to be uploaded to the Firemon server and installed.
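The same conversion can be done locally with OpenSSL, which keeps the file on your own machine and lets you inspect the certificate before it is installed. This is an added example, not part of the original post; it assumes the `openssl` command-line tool is available, and `cer_to_der` and the input file name are illustrative.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): convert the CA's exported .cer
# to DER locally and show what is about to be trusted.
# cer_to_der and the input file name are illustrative.

cer_to_der() {
    local src="$1" dst="$2" inform
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }

    # A Microsoft CA export named .cer is either Base-64 text (PEM) or
    # already DER binary, so detect the encoding instead of assuming it.
    if grep -q -e '-----BEGIN CERTIFICATE-----' "$src"; then
        inform=PEM
    else
        inform=DER
    fi

    # Re-encode as DER. openssl fails here if the input is not a parseable
    # X.509 certificate; drop any partial output in that case.
    if ! openssl x509 -inform "$inform" -in "$src" -outform DER -out "$dst"; then
        rm -f "$dst"
        return 1
    fi

    echo "input encoding: $inform"
    # Subject, issuer, validity and SHA-256 fingerprint of the DER file, to
    # compare against the CA's own record before installing it.
    openssl x509 -inform DER -in "$dst" -noout \
        -subject -issuer -dates -fingerprint -sha256
}

# Usage: ./cer_to_der.sh exported-ca.cer ad-certificate.der
if [ "$#" -eq 2 ]; then
    cer_to_der "$1" "$2"
fi
```

Check that the printed subject and fingerprint match what the certificate authority shows for its own certificate before running the install command.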


Uploading the certificate to the Firemon server and installing it

Log in to the Firemon server over SSH; you can use PuTTY.

Go to /opt/firemon/JAS

To upload the certificate to the above-mentioned path, you can use WinSCP.


We first need to stop the Firemon server using the command below.

Log on with PuTTY, go to the JAS folder, and run the fmsh_fmstop command to stop the server.



Use the following command to install the certificate:

./fm-server.sh -installCert -alias ad-certificate -filename ad-certificate.der


We need to start the service again after installing the certificate.




Settings that need to be made in Firemon using the client GUI



NOTE:
You need to create an account in Managed Service Accounts in AD. The account doesn't need any special privileges; it is only required to query AD for user searches and authentication.





Once all the settings are done, we log in to Firemon as an AD user and voilà... we are in!


