Solutions

LDAP Security Warning

Modified on 2025-06-10 21:25:15 +0200

While reviewing our Directory Service log, I noticed the following entry for the PRTG IP: ---------------

The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification), or performed a simple bind over a cleartext (non-SSL/TLS-encrypted) LDAP connection.

---------------

I assume the issue with PRTG is it skips integrity verification? I hope it's not sending the credentials over plaintext.

Is there anyway to configure PRTG to prevent this warning in the event log?

Article Comments

Hello there,

PRTG does not do simple bind using cleartext, but the other thing with skipping integrity verification. As far as I can tell the reason why you get these events, is due to its configuration, if I'm not mistaken.

Kind regards,

Erhard

Jun, 2017 - Permalink

I found the issue. There was an LDAP sensor configured for one of our servers which was using the unencrypted channel.

Jun, 2017 - Permalink

Nice, thank you for sharing your finding.

Kind regards,

Erhard

Jun, 2017 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

LDAP Security Warning

Article Comments

Search

Attention

Related Articles