>From a security perspective. It's allowing the username and password to be sent over the wire in clear text.
You could say the same thing about NTLM, not that it's going over the wire in clear text. But you have the ability to not allow NTLM or LANMan authentication, why not also limit the Simple Authentication method. Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com The Guardian Life Insurance Company of America www.guardianlife.com From: "Michael B. Smith" <mich...@smithcons.com> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> Date: 04/08/2013 04:29 PM Subject: RE: AD Simple LDAP authentication question What benefit do you think there would be to disable it? From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, April 8, 2013 4:03 PM To: NT System Admin Issues Subject: AD Simple LDAP authentication question I know that AD supports both Simple and SASL methods for LDAP binds: http://msdn.microsoft.com/en-us/library/cc223499.aspx What I was surprised is that there doesn't seem to be a way to disable the Simple method. It supports SSL/TLS but does not require it. Is that correct? Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com The Guardian Life Insurance Company of America www.guardianlife.com ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<image/jpeg>>
<<image/jpeg>>
