Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Minor - P4
Fix Version/s: None
Affects Version/s: None
Component/s: Ops Manager
Labels:
- authentication
- ldap
- ssl
Environment:
https://docs.opsmanager.mongodb.com/current/tutorial/enable-ldap-authentication-for-group/#select-ldap

Story Points:
0.5

Enable LDAP Authentication for your Ops Manager Project has the phrase:

"SSL is not required for use with LDAP authentication"

Could we replace this with a warning or at least informational box? Perhaps something more like:

"Please note that LDAP by default is not encrypted and sends credentials (username and password) in plaintext, which could compromise them on insecure networks. Use of SSL/TLS with LDAP (LDAPS) to encrypt authentication is strongly recommended. Many modern directory services, such as Active Directory or Active Directory Domain Controllers, require encrypted communications."

Assignee:: Anthony Sansone (Inactive)

Reporter:: Davi Ottenheimer

Participants:: Anthony Sansone, Davi Ottenheimer, Githook User

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: Feb 27 2018 05:39:59 PM UTC

Updated:: Apr 19 2024 05:04:31 PM UTC

Resolved:: Mar 09 2018 04:58:23 PM UTC

Days since reply:: 6 years, 7 weeks, 5 days ago

Details

Description

Attachments

Activity

People

Dates