Cybersecurity
DevOps Cloud
IT Operations Cloud
OpenText product name changes coming to the community soon! Learn more.
Objective
This document provides information on how to configure proxies between ZENworks Mobile Workspace, a GroupWise server, and an LDAP source using an Nginx and an LDAP Proxy, respectively.
Prerequisites
Configuring the Nginx Proxy
server {
listen 443 ssl;
server_name nginx_proxy.company.com;
ssl_session_timeout 5m;
ssl_certificate /etc/ssl/certs/nginx_proxy_certificate.cer;
ssl_certificate_key /etc/ssl/private/nginx_proxy.key;
location /soap {
proxy_pass https://mailserver.company.com:7191;
proxy_ssl_trusted_certificate /etc/nginx/sslcerts/mailserver.cer;
proxy_ssl_verify on;
}
}
In the lines listed above, specify the relevant values for the following parameters:
Save the nginx.conf file and restart the nginx service.
Configuring the LDAP Proxy
Edit the nlpconf.xml file to configure the LDAP Proxy
Configuring the Listeners
Listeners are the network interfaces on which LDAP Proxies listen for incoming requests. Using the proxy you can configure any number of listeners to listen on multiple interfaces. To configure a listener on a secure port, perform the following steps:
<listener id-listener="listener1">
<service protocol="ldaps">
<addr-ipv4>0.0.0.0</addr-ipv4>
<port>636</port>
</service>
<certificate-file-name>private-cert.pem</certificate-file-name>
<ref-policy-connection-route>conn-route-policy</ref-policy-connection-route>
</listener>
For more information about Listeners click here.
Configuring the Back- End Server
A back-end server is a directory server to which the LDAP Proxy Server is connected. To configure a back-end server on a secure port, perform the following steps:
<list-backend-server health-check-interval-secs="60">
<backend-server id-backend-server="Backend1">
<service protocol="ldaps">
<addr-ipv4>x.x.x.x</addr-ipv4>
<port>636</port>
</service>
</backend-server>
</list-backend-server>
For more information about back-end servers click here.
For verification you need to follow these steps: