21.3 Configuring LDAP Authentication in FIPS 140-2 Mode

To configure LDAP authentication for Sentinel servers running in FIPS 140-2 mode:

  1. Get the LDAP server certificate from the LDAP administrator, or retrieve it from the LDAP server with a command. For example:

    openssl s_client -connect <LDAP server IP>:636

    Then copy the returned text (between, but not including, the BEGIN and END lines) into a file.

  2. Import the LDAP server certificate into the Sentinel FIPS keystore.

    For more information about importing the certificate, see Importing Certificates into FIPS Keystore Database.

  3. Log in to Sentinel Web console as a user in the administrator role and proceed with configuring LDAP authentication.

    For more information, see Configuring LDAP Authentication in the NetIQ Sentinel Administration Guide.

    NOTE: You can also configure LDAP authentication for a Sentinel server running in FIPS 140-2 mode by running the ldap_auth_config.sh script in the /opt/novell/sentinel/setup directory.
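
The copy-and-paste part of step 1 can be scripted. The following is an added example, not part of the Sentinel documentation or tooling: it isolates the text between the BEGIN and END lines of the `openssl s_client` output and, as an extra check before the import in step 2, prints a fingerprint to compare with the value the LDAP administrator reports. The function names, the host name `ldap.example.test` and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not Sentinel tooling.

# Print the Base64 body of the first certificate read from stdin,
# leaving out the BEGIN and END lines, as step 1 asks.
extract_cert_body() {
    awk '
        { sub(/\r$/, "") }                       # tolerate CRLF output
        /^-----BEGIN CERTIFICATE-----$/ { inside = 1; next }
        /^-----END CERTIFICATE-----$/   { if (inside) exit }
        inside { print }
    '
}

# Live use: $1 = LDAP server address, $2 = port (636 if omitted).
fetch_cert_body() {
    openssl s_client -connect "$1:${2:-636}" </dev/null 2>/dev/null |
        extract_cert_body
}

# SHA-256 fingerprint of a body saved in file $1, for comparison with the
# value the LDAP administrator reports before the certificate is imported.
cert_fingerprint() {
    { echo '-----BEGIN CERTIFICATE-----'; cat "$1"
      echo '-----END CERTIFICATE-----'; } |
        openssl x509 -noout -fingerprint -sha256
}

# Constructed s_client output; the Base64 lines are placeholders, not a
# real certificate.
sample_s_client_output() {
    cat <<'EOF'
CONNECTED(00000003)
---
Server certificate
-----BEGIN CERTIFICATE-----
CONSTRUCTEDSAMPLEBASE64LINEONE00
CONSTRUCTEDSAMPLEBASE64LINETWO00
-----END CERTIFICATE-----
subject=CN = ldap.example.test
---
EOF
}

# Offline demonstration: prints the two placeholder body lines.
sample_s_client_output | extract_cert_body
```

Against a live server, `fetch_cert_body <LDAP server IP> > ldap_cert.txt` followed by `cert_fingerprint ldap_cert.txt` produces the file for step 2 and the fingerprint to verify.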