M4-2126 asked GaryReynolds-8098 answered

LDAP over SSL

Hi,

I have configured LDAP over SSL in my AD Server. Using ldp I am able to connect successfully using port 636.

Do I need to configure a GPO for client computers to access LDAP, which is configured over SSL, or will they connect to that server without any configuration?

Please advise.



windows-server
LimitlessTechnology-2700 answered

Hello,

Thank you for reaching out.

Yes, you may enable a GPO for LDAP sign-in to improve security.
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/enable-ldap-signing-in-windows-server

Thank you.

GaryReynolds-8098 answered

Hi,

LDAPS is primarily intended to support simple bind requests, so plain text passwords are encrypted when transmitted over the network. To use this functionality, the application or service must be specifically written to support LDAPS, as it needs to request an SSL-based connection. Typically, security and network devices use simple binds when LDAP\S is used.

I don't believe there are any GPO settings that would force normal clients to use LDAPS as the default connection method.

Gary.
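
The point above about the client having to request the SSL connection itself, shown as an added example that is not part of the original answer: a PowerShell check using the .NET `System.DirectoryServices.Protocols` classes against port 636. The function name `Test-LdapsBind` and the host `dc01.contoso.example` are placeholders, and the bind assumes the current logon has rights to read RootDSE.

```powershell
# Added example: a client that explicitly asks for LDAPS on port 636.
# 'dc01.contoso.example' is a placeholder; use the DC's FQDN, which must
# match a name in the certificate the DC presents.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapsBind {
    param(
        [Parameter(Mandatory)][string]$Server,
        [int]$Port = 636
    )
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    try {
        $conn.SessionOptions.ProtocolVersion = 3
        # The application must request TLS itself; nothing upgrades a plain
        # connection on its behalf.
        $conn.SessionOptions.SecureSocketLayer = $true
        # No VerifyServerCertificate callback is set, so the default Windows
        # certificate validation stays in force. Do not replace it with a
        # callback that always returns $true.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.Bind()   # binds as the currently logged-on user

        # Read RootDSE to confirm the session works end to end.
        $req = [System.DirectoryServices.Protocols.SearchRequest]::new(
            '', '(objectClass=*)',
            [System.DirectoryServices.Protocols.SearchScope]::Base,
            [string[]]@('defaultNamingContext'))
        $entry = $conn.SendRequest($req).Entries[0]

        [pscustomobject]@{
            Server        = $Server
            Port          = $Port
            Success       = $true
            TlsProtocol   = $conn.SessionOptions.SslInformation.Protocol
            NamingContext = $entry.Attributes['defaultNamingContext'][0]
            Error         = $null
        }
    }
    catch {
        # An untrusted certificate, a name mismatch or a closed port all
        # surface here, typically as "The LDAP server is unavailable."
        [pscustomobject]@{
            Server = $Server; Port = $Port; Success = $false
            TlsProtocol = $null; NamingContext = $null
            Error = $_.Exception.GetBaseException().Message
        }
    }
    finally { $conn.Dispose() }
}

Test-LdapsBind -Server 'dc01.contoso.example'
```

A failure here on a machine where `ldp` connects by IP address or short name usually means the name passed in `-Server` does not match the certificate, or the issuing CA is not trusted on the client.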
