Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Bind Redirection
Bind Redirection [message #160438] Thu, 27 August 2009 22:12 Go to next message
Kerry  is currently offline Kerry  United States
Messages: 48
Registered: July 2009
Member
We have an application which uses ADAM User Proxy objects to redirect the
binds to AD. The connection between the application and the ADAM server is
using SSL as the apps send creds in clear text, can we will use
LDAP_OPT_SIGN 1 and LDAP_OPT_ENCRYPT 1 to send passwords from ADAM to AD
using Kerberos?
Re: Bind Redirection [message #160535 is a reply to message #160438] Tue, 01 September 2009 04:25 Go to previous message
Lee Flight  is currently offline Lee Flight  United Kingdom
Messages: 392
Registered: July 2009
Senior Member
Hi

the backend communication between ADAM and AD for authentication
of the credetials for a bindProxy object should be secure by default as
the authentication is handled by normal windows logon mechanisms.

There was an issue with the SSPI flavor (NTLM vs Kerberos) that was
used for that backend authentication [1] in ADAM SP1.

Lee Flight

[1] http://support.microsoft.com/kb/940448


"Kerry" <Kerry@live.com> wrote in message
news:OxdhPX5JKHA.5808@TK2MSFTNGP03.phx.gbl...
> We have an application which uses ADAM User Proxy objects to redirect the
> binds to AD. The connection between the application and the ADAM server is
> using SSL as the apps send creds in clear text, can we will use
> LDAP_OPT_SIGN 1 and LDAP_OPT_ENCRYPT 1 to send passwords from ADAM to AD
> using Kerberos?
>
Previous Topic:Global Group or Universal Group
Next Topic:Active Directory service principal names
Goto Forum:
  


Current Time: Fri Jan 19 00:43:55 MST 2018

Total time taken to generate the page: 0.02885 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software