Active Directory is built on LDAP. I've known this for a long time, but other than it being a directory protocol, that's about all I did know. Like any directory, if you want information, when you query the directory it returns a result. The problem is that information is sent in 'cleartext', which is not ideal. To address that you can secure and encrypt that traffic with SSL.

The reason I'm concerned with LDAPS this week: well, I was deploying an RSA Authentication Manager Appliance, and when I tried to add Active Directory as an Identity source, this happened:

RSA Operations Console: Add New Identity Source
There was a problem processing your request. Or more directory connections is incorrect.

To query a domain controller over LDAPS you need a certificate to secure that communication. Techies tend to back away when PKI is mentioned. I'm not sure why, but most people fear what they don't understand, and encryption is pretty complicated, but just think

With that in mind, there are two ways for us to solve this problem.

Option 1: Install an enterprise root CA on one of your domain controllers (that fixes all these problems in one hit). If you only have one server that's probably our best option, but in any production network that's not a very elegant solution.

So Option 2: Set up a domain PKI solution and use that.
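Whichever option you choose, it helps to see which certificate (if any) the domain controller presents on the LDAPS port before pointing an appliance at it. The script below is an added example, not part of the original post; the server name is a placeholder, and it assumes the standard LDAPS port TCP 636 and that the certificate should carry the Server Authentication EKU.

```powershell
# Added example: inspect the certificate a domain controller presents on LDAPS.
# $Server is a placeholder; pass the DC's FQDN, the name clients validate against.
param([string]$Server = 'dc01.example.internal', [int]$Port = 636)

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$ssl = $null
$tcp = New-Object System.Net.Sockets.TcpClient
try {
    $tcp.Connect($Server, $Port)
    # Accept any certificate in the callback so an untrusted or expired one can
    # still be read and reported; trust is evaluated separately with X509Chain.
    $callback = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $callback)
    $ssl.AuthenticateAsClient($Server)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)

    # Build the chain against this machine's trust stores.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chainOk = $chain.Build($cert)

    $eku = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    $ekuOids = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })
    $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }

    [pscustomobject]@{
        Subject        = $cert.Subject
        Issuer         = $cert.Issuer
        NotAfter       = $cert.NotAfter
        DaysLeft       = [int]($cert.NotAfter - (Get-Date)).TotalDays
        SubjectAltName = if ($san) { $san.Format($false) } else { '(none)' }
        HasServerAuth  = $ekuOids -contains $serverAuthOid
        ChainTrusted   = $chainOk
        ChainStatus    = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        Protocol       = $ssl.SslProtocol
    }
}
catch {
    # No listener, no certificate bound, or a failed handshake all end up here.
    Write-Warning "LDAPS check against ${Server}:${Port} failed: $($_.Exception.Message)"
}
finally {
    if ($ssl) { $ssl.Dispose() }
    $tcp.Close()
}
```

A warning instead of a result object means nothing usable is answering on 636. ChainTrusted reflects the trust stores of the machine running the script, not those of the appliance, which keeps its own list of trusted roots.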