- PowerCLI
- Active Directory
- VMware
- Powershell
LDAP vs Kerberos
Microsoft has recently announced that it is going to disable LDAP based on the link below.
https://evotec.xyz/four-commands-to-help-you-track-down-insecure-ldap-bindings-before-march-2020/
We configured the AD's windows authentication as the identity source on the vCenter. My understanding is that Windows authentication uses the Kerberos, not the LDAP. Security is not my strength.
Should we have to change it to AD over LDAPs ?
https://evotec.xyz/four-commands-to-help-you-track-down-insecure-ldap-bindings-before-march-2020/
We configured the AD's windows authentication as the identity source on the vCenter. My understanding is that Windows authentication uses the Kerberos, not the LDAP. Security is not my strength.
Should we have to change it to AD over LDAPs ?
They aren't disabling LDAP. Just insecure methods of connecting. This basically means that unencrypted sign in using basic authentication and a few other techniques will no longer work.
Windows authentication does use Kerberos, but understand that the connecting computer needs to be part of the domain for this to work. Kerberos doesn't work with non domain systems. LDAPS is fine for most situations, just note that the certificate will need to be completely valid for connections to work in the future. That means self-signed certificates need to be trusted by client systems before LDAP binding over LDAPS will work.
-
![]()
SolutionLDAP vs Kerberos -
![]()
ArticleERROR_GEN_FAILURE [code 0x0000001f] When Attempting to Join vCenter to Active Directory -
![]()
VideoExchange 2019 - Re-create the exchange security groups in Active Directory -
![]()
Cloud Class®Certification: CVE Certified Virtualization Expert - VMware vSphere 6.0 Ultimate Bootcamp
-
![]()
received a Solution
Add ESXi to LDAP/AD = Scripted? -
![]()
wrote an Article
![]()
Tech Goblins and Heroes: October Expert News
-
![]()
created a Video
![]()
Exchange all versions - Check when a user mailbox was created
-
Explore Cloud Class® ![]()
Certification: CVSE Certified Virtualization Security Expert - Advanced VMware Security
Premium Content
You need an Expert Office subscription to comment.Start Free Trial