-
Type: Task
-
Resolution: Fixed
-
Priority: Minor - P4
-
None
-
Affects Version/s: None
-
Component/s: Ops Manager
-
Labels:
-
0.5
Enable LDAP Authentication for your Ops Manager Project has the phrase:
"SSL is not required for use with LDAP authentication"
Could we replace this with a warning or at least informational box? Perhaps something more like:
"Please note that LDAP by default is not encrypted and sends credentials (username and password) in plaintext, which could compromise them on insecure networks. Use of SSL/TLS with LDAP (LDAPS) to encrypt authentication is strongly recommended. Many modern directory services, such as Active Directory or Active Directory Domain Controllers, require encrypted communications."