?
Solved

LDAP queries from DMZ- What is best practice?

Posted on 2015-01-19
3
Medium Priority
?
1,074 Views
Last Modified: 2015-01-27
Hello,

Our network is divided into a DMZ and private networks.

We recently had a request to configure a server resting in the DMZ to allow for  LDAP query.

Given that there are security concerns here, what is the best practice to allow such queries?

Thanks,

Mark
0
Comment
Question by:mbudman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 1000 total points
ID: 40558911
Using Secure LDAP and also having the appropriate firewall rules in place to only allow communication from specific hosts on the private network.

Will.
0
 
LVL 3

Assisted Solution

by:Rezwan Islam
Rezwan Islam earned 1000 total points
ID: 40563430
Will has pretty much dot pointed what needs to be done. You will need LDAPS and FW rules set up. I used couple of links below about a year ago to assist on a similar issue.

http://pcloadletter.co.uk/2011/06/27/active-directory-authentication-using-ldaps/
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_27831833.html
0
 
LVL 1

Author Closing Comment

by:mbudman
ID: 40572772
Thank you for your assistance.

Mark
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question