AD Sync

To change the configuration of AD Sync from HTTP to HTTPS, please follow the below steps:

  1. Press Win+R and type services.msc.
    Figure 1. Hosting AD Sync from HTTP to HTTPS
  2. Click OK to open Windows Services.
    Figure 2. Hosting AD Sync from HTTP to HTTPS (cont.)
  3. Search for HCL.iAutomate.ADSyncService and right-click on it.
  4. Click Properties.
    Figure 3. Hosting AD Sync from HTTP to HTTPS (cont.)
  5. Copy the value mentioned in ‘Path to executable’ as shown in the image below.
    Figure 4. Hosting AD Sync from HTTP to HTTPS (cont.)
  6. Open File Explorer and paste the copied path and press Enter to open the desired folder.
  7. Search for HCL.iAutomate.Service.AD.exe config file and open it in a Notepad.
    Figure 5. Hosting AD Sync from HTTP to HTTPS (cont.)
  8. Within the HCL.iAutomate.Service.AD.exe config file, find the key ‘ServiceHostURL’ and change its value from HTTP to HTTPS.
    Figure 6. Hosting AD Sync from HTTP to HTTPS (cont.)
  9. Within the HCL.iAutomate.Service.AD.exe config file, find the key ‘securityMode_Service’ and change its value from 2 to 3.
    Figure 7. Hosting AD Sync from HTTP to HTTPS (cont.)
  10. Within the HCL.iAutomate.Service.AD.exe config file, find the key ‘IsSelfSigned_Service’ and change its value from N to Y.
    Figure 8. Hosting AD Sync from HTTP to HTTPS (cont.)
  11. Change the security mode="TransportWithMessageCredential" under <binding> tag
    Figure 9. Hosting AD Sync from HTTP to HTTPS (cont.)
  12. Save the file for changes to be reflected.
  13. Open the command prompt as administrator and run the following command:
    netsh http add sslcert ipport=<ip>:<port on which service is running> appid={8c00e29d-1a3e-439b-a449-7e26b64b9d27} certhash="<Thumbprint of the certificate>"
    Note:
    Replace the < Thumbprint of the certificate> with the GUID identified earlier.
  14. Select HCL.iAutomate.ADSyncService service and click Restart to restart the service.
    Figure 10. Hosting AD Sync from HTTP to HTTPS (cont.)