Enable option to use LDAPS for authentication with Active Directory

4 votes

We are working with vendors to mitigate security issues with vendor applications using simple LDAP for authentication to Active Directory. A Microsoft high vulnerability was released earlier this year warning of LDAP configurations that don't conform to channel binding and signing during the negotiation between systems; the clear text credentials passed using simple LDAP is vulnerable to a man-in-the-middle attack. The fix is to enforce binding and signing, or enable LDAPS, which I understand you don't support either method at this time.

Collecting community feedback OpCon Suggested by: Hidden identity Upvoted: 03 Mar Comments: 1

Comments: 1

Add a comment

0 / 1,000

* Your name will be publicly visible

* Your email will be visible only to moderators