I've a customer with a security concern. He wants to know if UM6 utilizes a secure and encrypted method to authenticate with AD. In his environment only encrypted LDAP authentication is enabled.
I guess the base question is, if UM6 uses
- simple BIND (which is unsecure and exposes the user's credentials)
- Kerberos (which is the preferred way for AD communications anyway)
If simple BIND is used, is or can SSL/TLS be used to encrypt the authentication session?
If not - what are the options? Local users?
New Info from customer:
If he uses the standard port # 389, authentication works but is insecure.
If he enters the secure port # 636 he gets "Unknown authentication server error"
I assume UM6 does not switch to secure communication automatically, if the secure port is used?
Edited by "niels" on "2013-08-26" Added additional info from customer.