Subscribe

UiPath Process Mining

The UiPath Process Mining Guide

Set up Secure LDAP

Secure LDAP

For increased security, it is recommended to use LDAPS instead of LDAP. In case of LDAPS, the ldap setting in UiPath Process Mining must be changed:

  • the url must be updated,
  • a tlsOptions property must be added.

The tlsOptions property will contain the contents of the LDAPS certificate. This certificate needs to be in the PEM file format.
If your certificate is in another format, you can use OpenSSL to convert it. The certificate needs to be added as a single line where all line breaks are noted as \n. For example:

📘

Note

If your certificate is in another format, you can use OpenSSL to convert it. The certificate needs to be added as a single line where all line breaks are noted as \n. See below for an example.

"ExternalAuthenticationProviders": {
    "ldap": {
            "url":             "ldaps://PROCESSGOLDTEST.pgdctest.local:636",
            "base":            "DC=pgdctest,DC=local",
            "bindDN":          "PGDCTEST\\testuser",
            "bindCredentials": "Passw0rd!",
            "tlsOptions": {
                "ca": ["-----BEGIN CERTIFICATE----\nKJHIBuhobUYOBuy\njhgbouigh\n-----END CERTIFICATE-----"],
            "rejectUnauthorized": true
        }
  }
}

📘

Note

The server certificate is verified against the certificates in “ca”. Depending on how your LDAPS server is configured, “ca” can contain multiple certificates, or can even be omitted.

Debugging Secure LDAP

If you experience difficulties when setting up secure LDAP, you can omit the “ca” property for testing purposes. In which case you also must set the “rejectUnauthorized” property to false:

"ExternalAuthenticationProviders": {
    "ldap": {
            "url":             "ldaps://PROCESSGOLDTEST.pgdctest.local:636",
            "base":            "DC=pgdctest,DC=local",
            "bindDN":          "PGDCTEST\\testuser",
            "bindCredentials": "Passw0rd!",
            "tlsOptions": {
                    "rejectUnauthorized": false
    }
    }
}

This way you can check if the issue is a certificate issue or something else.

📘

Note

Do not set “rejectUnauthorized” to false on production environments.

Updated 6 months ago

Set up Secure LDAP


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.