- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-14-2022 12:39 PM
Hi everyone,
I know LDAP authentication is not supported through MID server. My understanding is that this happens because LDAP doesn't support SSL connections.
However LDAPS supports them, so I was wondering if LDAPS would support authentication through a MID server and what configuration would I need to do in order to make it possible. I haven't been able to find any info about this.
Solved! Go to Solution.
- Labels:
-
MID Server
-
Multiple Versions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-22-2022 03:28 PM
I doubt that that could be made to work securely and reliably. As you know SN can never connect to the MID server (to send user and password for validation) only the MID server can connect to SN, fetch the list of work to be done and upload the result once completed. In an ideal situation, where the MID server has a working AMB subscription, this can be almost instantaneous, however AMB is not 100% bulletproof. And the fallback max. round-trip interval can be as long as 40+ seconds in a default configuration. That means a simple login can take as much as almost a minute in a worst case scenario. Another concern would be security: the job "sent" to the MID server (the ecc queue record) will contain the password and it could be logged to a file too. Even if encrypted, someone who gains access to the MID service process will be able to decrypt passwords. I'm not sure users would be thrilled to learn that their passwords can easily be had by administrators of the MID servers. It might also enable man in the middle attacks. Actually for the same reasons it might not be a good idea to do it even if it were possible.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-14-2022 05:06 PM
Hi Ivar,
If you're looking for connecting LDAPS through MID Server. You can refer to KB0825425
Also, LDAP integration via MID Server
Hope it helps.
Thanks,
Raj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-22-2022 02:55 PM
We are already past integrating with LDAPS through MID server. The problem is that my client is using LDAP authentication, which is not available through MID server as LDAP doesn't support SSL.
I was wondering if LDAPS did support authentication since it supports SSL.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-22-2022 03:28 PM
I doubt that that could be made to work securely and reliably. As you know SN can never connect to the MID server (to send user and password for validation) only the MID server can connect to SN, fetch the list of work to be done and upload the result once completed. In an ideal situation, where the MID server has a working AMB subscription, this can be almost instantaneous, however AMB is not 100% bulletproof. And the fallback max. round-trip interval can be as long as 40+ seconds in a default configuration. That means a simple login can take as much as almost a minute in a worst case scenario. Another concern would be security: the job "sent" to the MID server (the ecc queue record) will contain the password and it could be logged to a file too. Even if encrypted, someone who gains access to the MID service process will be able to decrypt passwords. I'm not sure users would be thrilled to learn that their passwords can easily be had by administrators of the MID servers. It might also enable man in the middle attacks. Actually for the same reasons it might not be a good idea to do it even if it were possible.
