1) What are the benefits of using SSL?
Security of your ldap transactions is the main benefit of using SSL.
2) Do I need to use SSL?
You need to use SSL if you are trying to access or modify any restricted attributes in the directory server.
3) How do I know if I am accessing restricted attributes?
Generally if you are using a BindID to access the directory, you are trying to access restricted attributes. However there may be exceptions. You can contact us to at aadssupport@cornell.edu to verify if you are accessing restricted attributes.
4) To which server should I point in order to perform an ldapsearch using SSL?
query.directory.cornell.edu
5) To which server should I point in order to perform an ldapmodify using SSL?
master.directory.cornell.edu
6) What changes should I make to my existing program to enable SSL?
Refer to “Enabling your LDAP clients against SSL”
7) Where would I go to download the root cert?
Go to the Geotrust site and download the CA root cert. Please download the "Equifax Secure Certificate Authority"
8) To which test server should I point in order to perform an ldapsearch using SSL?
test.directory.cornell.edu
9) To which test server should I point in order to perform an ldapmodify using SSL?
testmaster.directory.cornell.edu
10) Whom should I contact if I have trouble getting SSL to work?
aadssupport@cornell.edu
