LDAPs as Default – Encrypted Authentication in Rillsoft Integration Server

LDAPs support in Rillsoft Integration Server 9

With Rillsoft Integration Server 9, LDAPs (LDAP over SSL/TLS, TCP port 636) is the default setting. The defaults are aligned with Microsoft's LDAP signing and LDAP channel binding hardening, so the server keeps working against domain controllers on which these are enforced, and authentication traffic to the Windows domain is encrypted by default.

The prerequisite is that every system that speaks LDAP to the domain is prepared for LDAPs: each domain controller needs a server certificate (Server Authentication EKU, DC FQDN in the subject alternative name) issued by a CA that the Integration Server and every other client trusts. If the certificates are not rolled out correctly on domain controllers and clients, the TLS handshake fails and with it authentication against the Windows domain.
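Before the switch you want two things from the domain controller side: how strictly each DC already enforces signing and channel binding, and which clients still bind in clear text (those are the systems that are not yet prepared). The following PowerShell script is an added example, not Rillsoft code; the DC names are assumptions, and it assumes a domain-joined admin session with WinRM and remote Event Log access to the DCs. The message layout it parses is the wording of Directory Service event 2889 as written by Windows Server DCs.

```powershell
# Added example (not Rillsoft code): DC-side readiness inventory for the LDAPs switch.
# Assumptions: the DC names below, WinRM enabled on the DCs, caller is a domain admin.
param(
    [string[]]$DomainControllers = @('dc01.corp.example.com', 'dc02.corp.example.com'),  # assumed names
    [int]$LookbackHours = 24
)

$ntds = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

# Event 2889 is only written when the DC's LDAP interface diagnostics are raised.
# On the DC (one-off):  Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics' `
#                           -Name '16 LDAP Interface Events' -Value 2
# Assumed message layout of event 2889:
#   Client IP address:
#   10.0.0.5:49812
#   Identity the client attempted to authenticate as:
#   CORP\svc-app
$pattern = '(?s)Client IP address:\s*(?<ip>\S+)\s*Identity the client attempted to authenticate as:\s*(?<id>[^\r\n]+)'

foreach ($dc in $DomainControllers) {
    # 1. Enforcement state on the DC.
    #    LDAPServerIntegrity:       1 = none, 2 = require signing
    #    LdapEnforceChannelBinding: 0 = never, 1 = when supported, 2 = always (missing = not configured)
    $policy = Invoke-Command -ComputerName $dc -ScriptBlock {
        $p = Get-ItemProperty -Path $using:ntds
        [pscustomobject]@{
            LDAPServerIntegrity       = $p.LDAPServerIntegrity
            LdapEnforceChannelBinding = $p.LdapEnforceChannelBinding
        }
    }

    # 2. Clients that still performed unsigned SASL binds or simple binds over clear-text LDAP.
    $events = Get-WinEvent -ComputerName $dc -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName   = 'Directory Service'
        Id        = 2889
        StartTime = (Get-Date).AddHours(-$LookbackHours)
    }

    $clearTextBinders = foreach ($e in $events) {
        if ($e.Message -match $pattern) {
            [pscustomobject]@{
                # strip the ephemeral source port ("10.0.0.5:49812" -> "10.0.0.5")
                Client   = $Matches['ip'] -replace ':\d+$', ''
                Identity = $Matches['id'].Trim()
            }
        }
    }

    [pscustomobject]@{
        DomainController          = $dc
        LDAPServerIntegrity       = $policy.LDAPServerIntegrity
        LdapEnforceChannelBinding = $policy.LdapEnforceChannelBinding
        ClearTextBindEvents       = @($events).Count
        ClearTextClients          = @($clearTextBinders | Select-Object -ExpandProperty Client -Unique)
    } | Format-List

    # Per client/identity counts: this is the list of systems to fix before LDAPs becomes mandatory.
    $clearTextBinders | Group-Object Client, Identity |
        Sort-Object Count -Descending |
        Select-Object Count, Name |
        Format-Table -AutoSize
}
```

A DC that reports LDAPServerIntegrity 2 and LdapEnforceChannelBinding 2 already rejects what the Integration Server no longer sends by default; the grouped 2889 list tells you which other applications and service accounts would break on the same day.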

LDAP vs. LDAPs – what is the difference?

Property                     LDAP           LDAPs
Encryption                   clear text     SSL/TLS
Server authentication        none           certificate
Man-in-the-middle            vulnerable     hardened
Recommended for production   no             yes

Your benefits with LDAPs

Security – LDAPs encrypts traffic via SSL/TLS and protects bind operations, search queries and responses from being intercepted.

Data protection – Directory services hold sensitive identity data. LDAPs ensures this information does not travel through the network in clear text.

Compliance – Requirements such as GDPR demand appropriate technical measures. LDAPs is an established protection layer for identity-related data and supports compliance goals.

Network security – The domain controller authenticates itself to the client with its certificate, and bind credentials travel only inside the TLS session. The risk of man-in-the-middle and replay attacks is significantly reduced.

Future orientation – Microsoft has been steering domains away from unsigned, unencrypted LDAP binds since security advisory ADV190023 (LDAP signing and channel binding). Anyone running LDAPs is ready for current and upcoming security requirements.

Check before switching

  • Certificate chain valid and trusted on the domain controllers: server certificate with the Server Authentication EKU, DC FQDN in the subject alternative name, issuing CA in the clients' trust store, not expired
  • Clients and applications accept LDAPs connections and validate the certificate instead of ignoring certificate errors
  • Firewall rules open for TCP 636 (LDAPs) and TCP 3269 (Global Catalog over LDAPs)
  • Directory-integrated third-party systems tested before LDAPs becomes mandatory
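The four points above can be checked from the client side in one run. The following PowerShell script is an added example, not Rillsoft code; the domain controller name is an assumption, and it assumes it is run on a domain-joined Windows machine (the bind test uses the caller's Windows credentials). The first function inspects the TLS handshake and the certificate the DC presents and reports why a client would reject it; the second performs an actual LDAPs bind plus a rootDSE read, which is what a directory-integrated application does.

```powershell
# Added example (not Rillsoft code): client-side LDAPs readiness check for one DC.
# Assumptions: DC name below, domain-joined Windows host, ports 636 and 3269 reachable.
param(
    [string]$DomainController = 'dc01.corp.example.com',  # assumed name
    [int[]]$Ports = @(636, 3269)
)

Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapsCertificate {
    # TCP reachability (firewall), TLS handshake, chain trust, EKU, name match, expiry.
    param([string]$Server, [int]$Port)

    $r = [ordered]@{ Server = $Server; Port = $Port; TcpOpen = $false; Tls = $null; ChainOk = $false
                     ChainStatus = $null; ServerAuthEku = $false; NameMatch = $false; Expires = $null; Error = $null }
    $tcp = [System.Net.Sockets.TcpClient]::new()
    try {
        $tcp.Connect($Server, $Port)
        $r.TcpOpen = $true

        # Accept any certificate during the handshake so we can inspect it;
        # the chain verdict is computed explicitly below and reported, not hidden.
        $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $accept)
        $ssl.AuthenticateAsClient($Server)
        $r.Tls = $ssl.SslProtocol.ToString()

        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        $r.Expires = $cert.NotAfter

        # Chain trust as this client sees it (uses the local machine/user trust stores).
        $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
        $chain.ChainPolicy.RevocationMode = 'Online'
        $r.ChainOk = $chain.Build($cert)
        $r.ChainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','

        # Server Authentication EKU (1.3.6.1.5.5.7.3.1) is required for LDAPs.
        $eku = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
        $r.ServerAuthEku = [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq '1.3.6.1.5.5.7.3.1' })

        # Name match: SAN DNS entries (Windows formats them as "DNS Name=host") plus the subject CN.
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        $names = @()
        if ($san) { $names += ($san.Format($false) -split ',\s*') -replace '^DNS Name=', '' }
        $names += $cert.GetNameInfo('DnsName', $false)
        $r.NameMatch = [bool]($names | Where-Object { $_ -ieq $Server })
        $ssl.Dispose()
    } catch {
        $r.Error = $_.Exception.GetBaseException().Message
    } finally {
        $tcp.Dispose()
    }
    [pscustomobject]$r
}

function Test-LdapsBind {
    # The decisive test: an LDAPs bind with the current Windows credentials.
    # Fails exactly when an application on this host would fail (untrusted chain, wrong name, port closed).
    param([string]$Server, [int]$Port)

    $id = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($Server, $Port, $true, $false)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new($id)
    try {
        $conn.SessionOptions.SecureSocketLayer = $true
        $conn.SessionOptions.ProtocolVersion = 3
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
        $conn.Bind()
        # A rootDSE read proves that search traffic works over the encrypted channel too.
        $req = [System.DirectoryServices.Protocols.SearchRequest]::new('', '(objectClass=*)', 'Base', @('defaultNamingContext'))
        $resp = $conn.SendRequest($req)
        [pscustomobject]@{ Server = $Server; Port = $Port; Bind = 'OK'
                           Detail = $resp.Entries[0].Attributes['defaultNamingContext'][0] }
    } catch {
        [pscustomobject]@{ Server = $Server; Port = $Port; Bind = 'FAILED'
                           Detail = $_.Exception.GetBaseException().Message }
    } finally {
        $conn.Dispose()
    }
}

foreach ($p in $Ports) {
    Test-LdapsCertificate -Server $DomainController -Port $p | Format-List
    Test-LdapsBind        -Server $DomainController -Port $p | Format-List
}
```

Run it from the host that will run the Integration Server and from each third-party system you can reach; a green certificate report with a failed bind usually means the issuing CA is trusted by your admin workstation but not by that host.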

Frequently asked questions (FAQ)

What changes with Rillsoft Integration Server 9?
Rillsoft Integration Server 9 sets LDAPs (LDAP over SSL/TLS) as the default. Its configuration is aligned with Microsoft's LDAP signing and channel binding hardening, traffic to the Windows domain is encrypted, and unencrypted LDAP is no longer the default.

What is the difference between LDAP and LDAPs?
LDAP transmits bind data and directory queries in clear text and is vulnerable to interception and man-in-the-middle attacks. LDAPs wraps the connection in SSL/TLS, encrypts the entire traffic and authenticates the server by its certificate.

What are the prerequisites?
All systems that authenticate against the Windows domain must be prepared for LDAPs: valid SSL/TLS server certificates on the domain controllers, and clients that trust the issuing certificate chain. Otherwise the TLS handshake fails, and with it authentication.

Why is LDAPs more secure?
LDAPs protects sensitive identity and directory data from interception, reduces the risk of man-in-the-middle attacks and supports compliance requirements such as GDPR. The domain controller is authenticated by its certificate, and user credentials are only ever sent inside the encrypted session.

What happens to clients that do not support LDAPs?
Such clients can no longer authenticate against the domain once LDAPs is mandatory. Before LDAPs is enforced as the default, every connected system, directory services and applications alike, should be tested for LDAPs readiness and certificates should be rolled out.