-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That only helps with the authentication portion. All data accessible by
the web server (names, usernames, and if the user is privileged that could
also include passwords or other sensitive data) are sent in the clear.
Good luck.
Thorsten Kampe wrote:
> * ab@novell.com (Wed, 04 Nov 2009 20:07:02 GMT)
>> Disable port 389. You should probably force port 636 as that is SSLized.
>
> Implicit LDAPS was used primarily with LDAPv2 and it's deprecated since
> about 2003[1]. I understand your point but I wouldn't go as far as to
> disable port 389.
>
> Thorsten
> [1] http://en.wikipedia.org/wiki/Ldap#StartTLS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJK8sdGAAoJEF+XTK08PnB53iwQAJQzcrbs3S xXnPlDe+uPlA4K
jjKvJktjWef11a5Jo5dN5727rtfF8HX/YHqTN427fS5m0hzh3IkuunUuavjH1oph
AwObAqHJTwNhHsAbQzlGHccIjfnYmOvOzOSzOcZbEQQHJGIXnP licvddcrRwdaru
fJARuhiojHVhcvp/GD4Q199jq6bceYirRZfwCE+K2v2wdOPe0r1QLUlByZp68lCx
AfQwAp6pkmY0ygeBmlyE6UHDg43STES6Rkmpa805GX0tNETnC+ lRbs9lS4xJdIGQ
TRP1WE318IQ4EpSG3PrWsftea2RP/7+bY6fpv7A7vVad08ebPjBmPbW3/k6Gzxmj
3S5U5MIiDpcECgZlAKiakB21y9QOKLKg4rVe2H4ETC1tKUpX0u VXH2zlMJsRBjSM
YUN2OKa4i6+KB7Kt/XoPdXQiFQkGbgFLsUNr45j/HGwtgGjUFUY4CwTDnVXRIkVI
gpmn7TjgcI0RPVSVleA5XTqLEb9SYEtHEVs2nY0/gbF7gC/H+gD3j+BDS5a9ElH1
N5hyw7MD5/Oc336zPKnDrVDre/3KgxhIXczNRrdCbY7BqjDCO9a+FbNddNswHVxK
5DqYTXQyuSlyJnmyhRYQTbl/BCDJdMzfTOg89xsH8xw1FaTcVQBnTtLmvXqg/GoG
DS0DBPbCgatBKXGjVSMW
=4R1o
-----END PGP SIGNATURE-----
Re: LDAP authentication to Netware from Internet
Threaded Mode
