Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 03-08-2006, 09:15 AM   #1
LQ Newbie
Registered: Mar 2006
Posts: 1

Rep: Reputation: 0
Authenticating Against Active Directory LDAP Question

I have a setup where I am authenticating against Win 2003 AD. Things are working. I am concerned about the security of the ldap transaction though. I am not using SSL (MS in its documentation discourages its use). Has anyone deployed SSL and/or SASL?

one of my concerns is that anyone can fo a ldapsearch and get get the attribute msSFU30Password (which I believe is is a user's password) and then do an offline attack.

Currently I am authenticating against the AD to perform queries by using a DN and password that is specified in /etc/ldap.conf.

Old 03-09-2006, 10:21 PM   #2
Registered: Oct 2003
Location: /illinois/chicago
Distribution: Slackware/Gentoo/FC/RHEL
Posts: 568

Rep: Reputation: 30
You should be employing both SSL for the LDAP queries, as well as taking advantage of kerb for auth - not LDAP.
Old 09-30-2006, 06:25 PM   #3
LQ Newbie
Registered: Apr 2006
Posts: 10

Rep: Reputation: 0
My guide below details how to enable SSL encryption, I wouldn't use authentication without it:



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Authenticating Linux Active Directory paul_mat Red Hat 2 09-30-2006 06:24 PM
Authenticating Linux against Windows 2003 Active Directory Builder Linux - Enterprise 26 08-30-2005 03:56 AM
Problems authenticating to Active Directory eantoranz Linux - Networking 3 08-02-2005 04:11 PM
Authenticating DB2 ODBC users against Active Directory bmeckle AIX 2 07-06-2005 10:46 AM
Authenticating on a win2k PDC with Active Directory and disk quotas morfeo Linux - Networking 1 10-07-2004 12:32 PM

All times are GMT -5. The time now is 10:24 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration