Configure Microsoft Entra ID to support LDAP

1.      Go to the Start menu on your computer and click Run.

2.      Enter mmc in the Run window and click OK.

3.      Click Yes when prompted to accept changes to your computer. The Microsoft Management Console window appears.

4.      Go to File > Add/Remove Snap-in... The Add or Remove Snap-ins dialog box appears.

5.      Click Certificates under Available Snap-in.

6.      Click Add. A Certificates snap-in dialog box appears.

7.      Select My user account.

8.      Click Finish. The Certificates Snap-in is added to the list of Selected snap-ins.

9.      Select Certificates - Current User and click OK to add the certificates snap-in to MMC.

You are returned to the Console dialog box and Certificates - Current User is added to the Console dialog box.

10.  Under Console Root expand Certificates - Current User > Personal > Certificates. The self-signed certificate you created appears in the list of certificates.

11.  Right-click the self-signed certificate you created and select All Tasks > Export... The Certificate Export Wizard opens.

Note: You must export both the private key and the certificate. You cannot enable secure LDAP for a managed domain using a PFX that does not contain the certificate's private key.

12.  Complete the following steps to complete the Certificate Export Wizard.

a.      Click Next. The Export Private Key page appears.

b.      Select Yes, export the private key and click Next. The Export File Format page appears.

c.      Select Personal Information Exchange - PKCS #12 (.PFX) as the file format for the exported certificate.

d.      Select Include all certificates in the certification path if possible.

e.      Click Next. The Password page appears.

f.        Type a password for your certificate in the Password field.

g.      Retype to confirm the password.

Note: Record this password in a separate location. You will need to enter this password to access the certificate.

h.      Click Next. The File to Export page appears.

i.        Enter the file path, including the file name and location, where you want to export the certificate

–or–

j.        Click browse to navigate to where you want to store the certificate and type the certificate name.

k.      Click Save to return to the File to Export page.

l.        Click Next.

13.  Click Finish. A confirmation messaged appears and you are returned to the Console window.

14.  Click OK.

 

1.      In the Console window, reselect the certificate you created in Step 1: Obtain a certificate for secure LDAP to the managed domain.

2.      Right-click the self-signed certificate you created and select All Tasks > Export... The Certificate Export Wizard opens.

3.      Click Next and do the following to export the certificate in .CER format:

a.      Click No, do not export the private key and click Next. The Export File Format page appears

b.      Select DER encoded binary X.509 (.CER) as the format you want to use and click Next.

c.      Browse to where you want to store the certificate, enter a name for the certificate.

d.       Click Save to return to the File Export page.

e.      Click Next.

f.        Click Finish. A confirmation messaged appears and you are returned to the Console window.

4.      Click OK.