
Secure LDAP Query from a clear text request



 

Hello all:

 

I am currently in a position where a “black box” solution that we utilize needs to access an LDAP host. The “black box” does not have the ability to make a secure request to an internal S-LDAP host, and this is where the problem lies. The kicker is that the black box solution lies within an unsecured network segment. I need to apply a solution where the transport layer is secured in order to traverse the firewalled segment. On the internal side, I have a secure LDAP cluster to answer these requests. The proxy host that I have available would be a FreeBSD kernel.

 

My first (and only) thought so far is to have an LDAP proxy server on the unsecured segment, which will rebuild the request into the S-LDAP (TLS/SSL) version and allow that host to request the data from our internal network. I am not exactly too happy with that solution, though. What other types of solutions are out there, and is my first thought even possible?


Your help is appreciated.

-dp

 

 

 

==========================
Doug Pitek
The New York Times
Enterprise Application Services  
dpitek-nospam@nytimes.com
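
The proxy idea raised in the message above, shown as a TLS-wrapping forwarder: because LDAPS is plain LDAP carried inside TLS, the proxy can relay bytes without parsing LDAP. This is an added example, not part of the original post; the listen address, upstream host name and CA file setting are assumed placeholders.

```python
import asyncio
import ssl

# Assumed placeholders for illustration; none of these come from the post.
LISTEN_ADDR = ("0.0.0.0", 389)               # clear-text side facing the black box
UPSTREAM = ("ldaps.internal.example", 636)   # hypothetical internal LDAPS host
CA_FILE = None                               # internal CA bundle path; None = system store

def make_upstream_context(ca_file=None):
    """TLS client context for the upstream leg: verify chain and hostname."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # create_default_context already sets these; stated explicitly because a
    # proxy that skips verification gives no protection against interception.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

async def pump(reader, writer):
    """Copy bytes one way until EOF or error, then close the destination."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except OSError:          # covers ConnectionError and ssl.SSLError
        pass
    finally:
        writer.close()

async def handle(client_r, client_w, upstream=UPSTREAM, ctx=None):
    """One client connection: open verified TLS upstream, relay both ways."""
    ctx = ctx or make_upstream_context(CA_FILE)
    try:
        up_r, up_w = await asyncio.open_connection(*upstream, ssl=ctx)
    except OSError:
        client_w.close()     # fail closed: never fall back to clear text
        return
    await asyncio.gather(pump(client_r, up_w), pump(up_r, client_w))

async def main():
    server = await asyncio.start_server(handle, *LISTEN_ADDR)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

The hop from the black box to the forwarder is still clear text, so the listener should be reachable only from the black box's address.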