What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

LDAP Security Warning

Votes:

0

While reviewing our Directory Service log, I noticed the following entry for the PRTG IP: ---------------

The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification), or performed a simple bind over a cleartext (non-SSL/TLS-encrypted) LDAP connection.

---------------

I assume the issue with PRTG is it skips integrity verification? I hope it's not sending the credentials over plaintext.

Is there anyway to configure PRTG to prevent this warning in the event log?

active-directory ldap password security

Created on Jun 9, 2017 4:35:02 PM



3 Replies

Votes:

0

Hello there,

PRTG does not do simple bind using cleartext, but the other thing with skipping integrity verification. As far as I can tell the reason why you get these events, is due to its configuration, if I'm not mistaken.

Kind regards,

Erhard

Created on Jun 13, 2017 4:16:44 PM by Erhard Mikulik [Paessler Support]



Votes:

1

I found the issue. There was an LDAP sensor configured for one of our servers which was using the unencrypted channel.

Created on Jun 13, 2017 5:46:33 PM



Votes:

0

Nice, thank you for sharing your finding.

Kind regards,

Erhard

Created on Jun 14, 2017 5:56:04 AM by Erhard Mikulik [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.