Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3348 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD user lookups - clear text by default?

njorge
I've added our Active Directory domain controller to the authentication server list. SSL is unchecked (default) and it connects over port 389.

If I allow users to bypass web filtering blocked pages by entering in the AD username/password and a bypass "reason", is their password sent over clear text to the domain controller?


This thread was automatically locked due to age.
Parents
  • 0
    For client to UTM, it is encrypted and secure for everything except "Basic User authentication".  The bypass block authentication is a form of browser authentication and always occurs over a HTTPS connection.

    For UTM to AD server, I don't know except that we use the industry standard mechanism.
Reply
  • 0
    For client to UTM, it is encrypted and secure for everything except "Basic User authentication".  The bypass block authentication is a form of browser authentication and always occurs over a HTTPS connection.

    For UTM to AD server, I don't know except that we use the industry standard mechanism.
Children
No Data