Does UM6 support secure LDAP authentication?

niels · ‎2013-08-23

Hi experts,

I've a customer with a security concern. He wants to know if UM6 utilizes a secure and encrypted method to authenticate with AD. In his environment only encrypted LDAP authentication is enabled.

I guess the base question is, if UM6 uses

- simple BIND (which is unsecure and exposes the user's credentials)

- Kerberos (which is the preferred way for AD communications anyway)

If simple BIND is used, is or can SSL/TLS be used to encrypt the authentication session?

If not - what are the options? Local users?

New Info from customer:

If he uses the standard port # 389, authentication works but is insecure.

If he enters the secure port # 636 he gets "Unknown authentication server error"

I assume UM6 does not switch to secure communication automatically, if the secure port is used?

regards, Niels

Edited by "niels" on "2013-08-26" Added additional info from customer.

mauricib · ‎2013-08-23

I also have a customer in DoD that will be asking about this and possibly requiring it to be able to deploy UM6.

kryan · ‎2013-08-27

Niels,

I can't answer all of your questions but I can confirm that UM 6.0 does not support secure LDAP.

Kevin

ravir · ‎2013-09-03

Niels,

Which customer is this? As Kevin mentioned above, LDAPS is not supported in UM 6.0 and not planned for 6.1.

Thanks

Ravi

mauricib · ‎2013-09-23

Ravi,

Can you share what UM release LDAP over SSL is planned for?

This is for HP Enterprise Services, who won the NGEN contract.

Thanks,

Mauricio