Knowledgebase: Proofpoint Essentials
Support for LDAP (SSL/TLS)
Posted by Richard Kennedy on 14/03/16 10:10

A common method of securing LDAP communication is using an SSL tunnel . This is denoted in LDAP URLs by using the URL scheme "ldaps". The use of LDAP over SSL was common in LDAP Version 2 (LDAPv2) but it was never standardized in any formal specification. The usage of LDAPS has been deprecated and LDAPv2 was officially retired in 2003. As a result Proofpoint Essentials does not support this communication method. 

For organizations wishing to manage their users via the Proofpoint Essentials Active Directory sync service, we recommend the following:

  1. Configure Active Directory to force inbound connections over TLS (StartTLS)
  2. Configure the Firewall to only allow access to Active Directory from Proofpoint Essentials IP ranges

Additional Information:

  • LDAPS/LDAPv2: http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
  • StartTLS: https://en.wikipedia.org/wiki/LDAPS#StartTLS
  • Proofpoint Essentials Data Center IPs: http://support.proofpointessentials.com
(0 vote(s))
Helpful
Not helpful

Comments (0)
121