Core Infrastructure and Security Blog
Home
Options
480
Naveen_Kanneganti on 04-03-2020 09:52 AM
2,389
Michael Hildebrand on 03-25-2020 06:23 AM
3,259
skissel on 03-23-2020 01:25 PM
518
Joe_Zinn on 03-19-2020 07:48 AM
4,544
Matt Balzan on 03-13-2020 07:33 AM
2,092
LijuV on 03-09-2020 08:48 AM
1,333
John_Clyburn on 03-02-2020 12:00 AM
1,403
John_Clyburn on 02-27-2020 12:00 AM
2,887
Stanislav Belov on 02-25-2020 11:55 PM
2,671
DanielMetzger on 02-23-2020 03:00 PM
2,237
Bruno Gabrielli on 02-21-2020 11:22 AM
4,734
DanielMetzger on 02-20-2020 08:37 AM
1,527
BrandonWilson on 02-19-2020 05:54 AM
4,199
Zoheb Shaikh on 02-13-2020 12:00 AM
5,035
John_Clyburn on 02-10-2020 12:00 AM
3,925
Tim_Beasley on 02-06-2020 02:10 PM
2,276
hspinto on 02-04-2020 07:21 AM
10.1K
Jon Warnken on 01-30-2020 06:53 AM
3,450
Sean Greenbaum on 01-28-2020 09:19 AM
1,242
NoMoePwds on 01-24-2020 02:10 PM
1,009
NoMoePwds on 01-24-2020 02:10 PM
870
NoMoePwds on 01-24-2020 02:10 PM
763
NoMoePwds on 01-24-2020 02:10 PM
855
NoMoePwds on 01-24-2020 02:10 PM
895
NoMoePwds on 01-24-2020 02:10 PM
892
NoMoePwds on 01-24-2020 02:09 PM
888
NoMoePwds on 01-24-2020 02:08 PM
873
NoMoePwds on 01-24-2020 02:07 PM
796
Amer_Kamal on 01-24-2020 02:07 PM
865
Amer_Kamal on 01-24-2020 02:06 PM
Latest Comments
Hi,I have been following this link to understand the LDAP changes which are going to happen in coming months and the explanation is pretty good. I have a questionI am using F5 load balancer to manage the LDAP for both secure and non secure connections and I could see load balancer's SNAT IP address ...
0 Likes
@jdobiash thanks for your comment.For my understanding, CBT is implemented as part of Windows EPA and as long as you're using Windows authentication providers (and EPA is enabled) it will kind of be automatically sent for you (feel free to correct me if I'm wrong) In my case, I have an application t...
0 Likes
The LDAP Channel Binding Token (CBT) feature is separate from signing and securing of the actual LDAP authentication (be it via LDAPS or SASL). CBTs are done to ensure that the SSL traffic itself can't be Man-in-the-middle'd (MITM), however, less things are compatible with them. A lot of 3rd party t...
0 Likes
I couldn't find anywhere information about the following case - Would simple bind (Simple Authentication) over LDAPS still work with Channel Binding set to Required?It is clear that the signing requirement works when it's LDAPS but all the information about Channel Binding talks mainly on SASL and n...
0 Likes
@NoMoePwds This may not be a frequently asked question but hoping someone can answer it. In trying to figure out what I needed to do to ensure a new certificate template had an extension with the BMP data value "DomainController" I incorrectly added a new EKU named "DomainController" with the OID va...
0 Likes