OPENAM-5097 the AD and LDAP authentication modules now support StartTLS for secure connections. As part of the work there were changes made to the configuration schema (both sunAMAuthADService and iPlanetAMAuthLDAPService service):
- the "iplanet-am-auth-ldap-ssl-enabled" property has been removed
- the new property of "openam-auth-ldap-connection-mode" has been introduced with the possible values of "LDAP", "LDAPS", "StartTLS".
This means that existing ssoadm scripts will need to be updated to use the new configuration attribute.
Existing configurations are upgraded by the upgrade procedure.