LinkBack URL
About LinkBacksI have a remote linux server that I would like to authenticate sugar users using ldap to our internal active directory server. Is it as simple as opening a port? Is this a major security issue? Is there another way to accomplish the same thing?
Sugar Community Member
LDAP authentication from outside the network?
I have a remote linux server that I would like to authenticate sugar users using ldap to our internal active directory server. Is it as simple as opening a port? Is this a major security issue? Is there another way to accomplish the same thing?
A Sugar Hero | Help Forum Moderator
Re: LDAP authentication from outside the network?
Opening any port provides a risk. The real trick is to limit your risk. One example limit access to that port from the IP address of the server that you want to have access to your ldap directory. Secondly if possable limit access to it via an encrypted VPN connection. This will disable direct attacks on the ldap server but still will not prevent indirect attacks via the server allowed to connect to your server.
And most of all never believe anyone telling you their solution is 100% secure. There is no such thing unless the computer is turned off and never turned on. Even that can be taken or stolen physically or damaged in a natural disaster. It is more about assesing the risks and limiting the risks you take. This includes updating software with know risks that have fixes available. The criminals do not keep doing the same thing when it no longer works for them and they are constantly evolving and developing new methods of attack. So what may be secure now may not be 10 seconds from now. Security is a constant vigilance effort.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
Bookmarks