Typically, because of security, we set up OpenLDAP as a translucent gateway of sorts to out corp AD. We have no access to the corp AD, but we can bind to it (over 636) with OpenLDAP so we can use out corp credentials in our lab environment.
This way the users can still log into resources in our lab using corp credentials and we can set permissions in our LDAP server.
How do I set up UCS the same way? Also I will need to use the corporate certificate to do this as well.