Active IQ Unified Manager Discussions

Does UM6 support secure LDAP authentication?

niels
4,667 Views

Hi experts,

I've a customer with a security concern. He wants to know if UM6 utilizes a secure and encrypted method to authenticate with AD. In his environment only encrypted LDAP authentication is enabled.

I guess the base question is, if UM6 uses

- simple BIND (which is unsecure and exposes the user's credentials)

- Kerberos (which is the preferred way for AD communications anyway)

If simple BIND is used, is or can SSL/TLS be used to encrypt the authentication session?

If not - what are the options? Local users?

New Info from customer:

If he uses the standard port # 389, authentication works but is insecure.

If he enters the secure port # 636 he gets "Unknown authentication server error"

I assume UM6 does not switch to secure communication automatically, if the secure port is used?

regards, Niels

Edited by "niels" on "2013-08-26" Added additional info from customer.

4 REPLIES 4

mauricib
4,667 Views

I also have a customer in DoD that will be asking about this and possibly requiring it to be able to deploy UM6.

kryan
4,667 Views

Niels,

I can't answer all of your questions but I can confirm that UM 6.0 does not support secure LDAP.

Kevin

ravir
4,667 Views

Niels,

Which customer is this? As Kevin mentioned above, LDAPS is not supported in UM 6.0 and not planned for 6.1.

Thanks

Ravi

mauricib
4,667 Views

Ravi,

Can you share what UM release LDAP over SSL is planned for?

This is for HP Enterprise Services, who won the NGEN contract.

Thanks,

Mauricio

Public