Re: How to prevent LDAP simple bind?

From: Lee Flight (lef_at_le.ac.uk-nospam)
Date: 08/25/04


Date: Wed, 25 Aug 2004 09:52:27 +0100

Inline below...
"Boris Lokhvitsky" <msexpert@gmail.com> wrote in message
news:OjNWONjiEHA.1348@tk2msftngp13.phx.gbl...

> ... This problem occurs because ADSI is restricted to
> SSL port number 636 when it makes a bind call to the LDAP server.

This was certainly a problem for the WinXP ADSI client; I think the above reads as "if you are specifying ADS_USE_SSL as an ADSI option then the WinXP ADSI client will only attempt to use port 636 and so if you are running your LDAP server SSL port on something other than 636 it will not work without the hotfix".

The problem that makes that hotfix important for ADAM ADSI clients on Windows XP prior to WinXP SP2 is the "When ADSI calls to bind to ADAM by using a Windows security principal over a SSL connection with the ADS_SECURE_AUTHENTICATION option, ADSI then uses a simple bind call instead of a secure bind call."

Lee Flight