I figured out that prtg uses an unencrypted ldap connection to my domain controller. The Domain Controller supports LDAPS. Other tools already connecting via ldaps on port 636 to this domain controler. What do I have to do to configure prtg to use ssl?
How can I force PRTG to use LDAPS (port 636) for Active Directory Integration?
We're currently checking the usage of LDAPS for the Active Directory Authentication, please bear with us.
Stephan Linke, Tech Support Team
Any Updates on this? is the LDAP communication signed? otherwise it will soon stop working since unsigned/unencrypted LDAP communication will stop working soon: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023
We're aware of it, and we'll do something about it. Note that the "release date" has been pushed to 03/2020, which gives us some more time :)
Any news regarding when this is planned to be released?
We hope to make it in time with the Microsoft release :)
Is there any update ?
No, not yet - as mentioned, we're currently evaluating this and hope to implement it in time. Thanks for your patience on the matter!
Hey Stephan and PRTG Team - will this thread be our best source of information on this? Or should we look for an announcement on the newsletter when this is addressed?
For your awareness, this "fix" is a requirement for us, and could make PRTG a non-usable product for us if not addressed.
With some first tests, it shows that PRTG will continue to work, but the LDAP Sensor stops working.
Do you mean we can authenticate to PRTG through LDAPS successfully, per your testing? That would be great news.
I am really concerned with this issue. Yesterday I performed a test on my domain enabling LDAPS and many things stopped working.
What things in particular, if I may ask?
Hey, are there any updates about this issue? Thanks and kind regards :)
The LDAP Sensor will have support for LDAPS with PRTG 20.x.57. Support for AD Authentication with LDAPS will hopefully make it's way into 20.x.58. Microsoft postponed the release yet again, so we should be fine with that :)
I tried the LDAP Sensor with LDAPS and it works all fine. Is there already a known release date for the patch? I am running on PRTG version 220.127.116.115 so for me it would the patch 18.104.22.1685, right?
That's nice to hear (LDAPS already working), but there's some things left to be done behind the scenes :) We're trying to release every last week of the month (+/- a few days), so rough estimates would be 21.03 and 21.04).
Regarding the version numbers, it's always <year>.<quarter>.<major>.<minor>, so for the March release, it should be 20.1.56.xxxx, and for April, it'd be 20.2.57.xxxx.
then i'm gonna have to be patient a little longer :)
thanks for your information and kind regards
Still not working on version 22.214.171.1249+
What exactly is not working? What error message do you get here?