Skip to Content.
Sympa Menu

ad-assurance - [AD-Assurance] RE: Encryption with LDAP signing

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

[AD-Assurance] RE: Encryption with LDAP signing

Chronological Thread 
  • From: Ron Thielen <>
  • To: "" <>
  • Subject: [AD-Assurance] RE: Encryption with LDAP signing
  • Date: Fri, 13 Sep 2013 16:53:42 +0000
  • Accept-language: en-US

Here’s the SANS article on securing DC LDAP with SSL.




From: [mailto:] On Behalf Of Michael W. Brogan
Sent: Friday, September 13, 2013 11:50 AM
Subject: [AD-Assurance] Encryption with LDAP signing


This thread says that LDAP signing sets the security flags ADS_USE_SIGNING & ADS_USE_SEALING:


This article says that ADS_USE_SEALING uses Kerberos for encryption:


Michael W. Brogan

Technical Lead, Identity and Access Management

UW Information Technology, University of Washington





Archive powered by MHonArc 2.6.16.

Top of Page