Forum Discussion
AltostratusAD auth in APM (protocol used)
Just wondering in its simple state what protocol does APM connect to active directory to authenticate with.
What options do I have around increasing the security to this and what do i have to do.
ie NTLMv2, kerberos etc.
3 Replies
Dave_WEmployee
Hello,
Regarding Active Directory and APM for authentication APM supports Kerberos and for queries APM supports LDAP. As far as increasing security you could use LDAPS, but then you would configure an LDAPS AAA instead of an Active Directory AAA.
Here is some more info on Active Directory and LDAP with APM:
malakibrahimNimbostratus
Hello Dave
In APM policy does it mean
AD authentication : uses Kerberos
AD query : uses LDAP
There's vulnerability with LDAP and Microsoft advised to use LDAPS in this article , So i guess I need only to change AD query with LDAP query "signing enabled" and leave the AD authentication as it is to overcome that vulnerability, Right?
- Dave_W
Hello Malak,
Go into the LDAP AAA object and set it to "Use Pool." Then under "Mode" you can set it to LDAPS and you should see a Server SSL profile drop down menu.
