[DOCS-11366] Reasons for enabling LDAPS Created: 27/Feb/18 Updated: 29/Oct/23 Resolved: 09/Mar/18 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | Ops Manager |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Davi Ottenheimer | Assignee: | Anthony Sansone (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | authentication, ldap, ssl | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: | |||
| Participants: | |
| Days since reply: | 5 years, 48 weeks, 5 days ago |
| Story Points: | 0.5 |
| Description |
|
Enable LDAP Authentication for your Ops Manager Project has the phrase: "SSL is not required for use with LDAP authentication" Could we replace this with a warning or at least informational box? Perhaps something more like: "Please note that LDAP by default is not encrypted and sends credentials (username and password) in plaintext, which could compromise them on insecure networks. Use of SSL/TLS with LDAP (LDAPS) to encrypt authentication is strongly recommended. Many modern directory services, such as Active Directory or Active Directory Domain Controllers, require encrypted communications." |
| Comments |
| Comment by Githook User [ 09/Mar/18 ] |
|
Author: {'email': 'tony.sansone@mongodb.com', 'name': 'Tony Sansone', 'username': 'atsansone'}Message: ( |
| Comment by Githook User [ 09/Mar/18 ] |
|
Author: {'email': 'tony.sansone@mongodb.com', 'name': 'Tony Sansone', 'username': 'atsansone'}Message: ( |