Details
-
Improvement
-
Status: Closed
-
Minor - P4
-
Resolution: Fixed
-
None
-
None
-
0.5
-
KANBAN BUCKET
-
true
Description
Enable LDAP Authentication for your Ops Manager Project has the phrase:
"SSL is not required for use with LDAP authentication"
Could we replace this with a warning or at least informational box? Perhaps something more like:
"Please note that LDAP by default is not encrypted and sends credentials (username and password) in plaintext, which could compromise them on insecure networks. Use of SSL/TLS with LDAP (LDAPS) to encrypt authentication is strongly recommended. Many modern directory services, such as Active Directory or Active Directory Domain Controllers, require encrypted communications."