LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 03-08-2006, 10:15 AM   #1
pyotr1
LQ Newbie
 
Registered: Mar 2006
Posts: 1

Rep: Reputation: 0
Authenticating Against Active Directory LDAP Question


Hi.
I have a setup where I am authenticating against Win 2003 AD. Things are working. I am concerned about the security of the ldap transaction though. I am not using SSL (MS in its documentation discourages its use). Has anyone deployed SSL and/or SASL?


one of my concerns is that anyone can fo a ldapsearch and get get the attribute msSFU30Password (which I believe is is a user's password) and then do an offline attack.

Currently I am authenticating against the AD to perform queries by using a DN and password that is specified in /etc/ldap.conf.


Thanks.
 
Old 03-09-2006, 11:21 PM   #2
PenguinPwrdBox
Member
 
Registered: Oct 2003
Location: /illinois/chicago
Distribution: Slackware/Gentoo/FC/RHEL
Posts: 568

Rep: Reputation: 30
You should be employing both SSL for the LDAP queries, as well as taking advantage of kerb for auth - not LDAP.
 
Old 09-30-2006, 07:25 PM   #3
cbtg2006
LQ Newbie
 
Registered: Apr 2006
Posts: 10

Rep: Reputation: 0
My guide below details how to enable SSL encryption, I wouldn't use authentication without it:

http://cb-net.co.uk/readarticle.php?article_id=5

-Chris
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Authenticating Linux Active Directory paul_mat Red Hat 2 09-30-2006 07:24 PM
Authenticating Linux against Windows 2003 Active Directory Builder Linux - Enterprise 26 08-30-2005 04:56 AM
Problems authenticating to Active Directory eantoranz Linux - Networking 3 08-02-2005 05:11 PM
Authenticating DB2 ODBC users against Active Directory bmeckle AIX 2 07-06-2005 11:46 AM
Authenticating on a win2k PDC with Active Directory and disk quotas morfeo Linux - Networking 1 10-07-2004 01:32 PM


All times are GMT -5. The time now is 04:54 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration