Best Practices in LDAP Security

September 2011
Dr Andrew Findlay
Skills 1st Ltd

Synopsis
LDAP servers are part of the critical infrastructure of most large
organisations. They hold personal data subject to legal protection, and often
act as the authoritative source of authentication and authorisation for
multiple applications.

This paper divides LDAP security into three major requirements: availability,
integrity, and confidentiality. Appropriate controls are proposed for each
topic, noting the interactions and compromises that are required. Most of the
controls are technical, relating to design and administration issues that
affect all LDAP server products. The trade-off between technical and
organisational controls is discussed, with reference to common human-factors
issues.

1 Requirements
What is security? This rather over-used word now covers a multitude of
things, ranging from night-club bouncers to spies, and from junk bonds to
"the state of feeling safe". In the context of information systems we need a
tighter definition, and this is provided by the 'ISO 27k' series of standards.
Section 2.19 of ISO/IEC 27000:2009 [ISO27000] defines information
security as "preservation of confidentiality, integrity and availability of
information". It also notes that other properties, such as authenticity,
accountability, non-repudiation, and reliability are relevant.

Following up the definitions of those terms, we find:

Confidentiality is the property that information is not made available or
disclosed to unauthorized individuals, entities, or processes.

Integrity is the property of protecting the accuracy and completeness of
assets, where asset is given the very broad definition "anything that has
value to the organization", a synonym for 'data' in the context of this paper.

Availability is the property of "being accessible and usable upon demand by
an authorized entity". This is a property that is often neglected in favour of
the others, but is in fact at the core of information security: if we are not
protecting the availability of the service then there is little point in having it
at all.

2 Controls
In the language of ISO/IEC 27000, control is a "means of managing risk,
including policies, procedures, guidelines, practices or organizational
structures, which can be administrative, technical, management, or legal in
nature". The core standard, ISO/IEC 27001, is not prescriptive in this area:
it refers to ISO/IEC 27002 which provides a list of example controls for
organisations to choose from. The choice is to be guided by analysis of the
risks, and controls may be drawn from other sources as appropriate.

Following this model, the remainder of this paper presents some
LDAP-related controls for consideration.

3 Technical Controls
3.1 Account management
Where LDAP entries represent accounts used by people or applications, it is
important to have effective management processes in place. For personal
accounts this should include automated updates from human-resources
systems and other databases to provision new accounts and to disable old
ones promptly. It is normally best to avoid deleting accounts, as that leads to
a greater risk of re-using identifiers and also to problems in interpreting
audit logs.

3.2 Authentication
LDAP servers generally support two different authentication methods:
"simple bind" [RFC4513] and SASL [RFC4422]. If simple bind is in use then
TLS should also be used, to prevent exposure of passwords on the network.
As LDAP is often used to validate passwords for other services this is likely to
be a very common situation. RFC 4513 says that servers SHOULD disallow
the use of passwords when TLS is not in use. Very few server products have
this as their default setting but it should be seriously considered.

More secure mechanisms based on SASL should be used if possible. SASL
EXTERNAL along with client-side certificates and TLS provides the most
comprehensive protection, but does require the creation and management of
an X.509 certificate for each user. Kerberos [RFC4120] carried by the SASL
GSSAPI mechanism is a good choice in many environments.

Mechanisms such as DIGEST-MD5 avoid exposing the password on the
network, but require the server to store every password in clear. This may be
appropriate in some environments, but is not generally recommended.

In cases where one person acts with the delegated authority of another, it is
common to find passwords being shared. This is against most organisations'
policies. LDAP supports delegation without password sharing: for complete
sessions using the SASL authc/authz concept, and for individual operations
using the LDAP Proxied Authorization Control [RFC4370]. These
mechanisms should be used in preference to password sharing.

Proxy authentication can also be used where a process such as a web app is
acting on behalf of many users, but caution is advised: if the application is
given the ability to act for any user then the consequences of a successful
exploit may be unacceptable. Wherever possible, LDAP operations performed
by an application should be done using the credentials of the user that
triggered them.

3.3 Password Policy
Most LDAP systems store and validate passwords - indeed for many it is
their primary function. Following the X.500 'get back exactly what you put
in' principle, servers normally default to storing passwords in cleartext or in
a form that can be converted back to cleartext. In most cases this is not
necessary (but see DIGEST-MD5 in section 3.2 above). Wherever possible,
passwords should be stored using a non-reversible cryptographic hash
including a significant amount of salt. This provides the best possible
protection against the recovery of passwords from stolen disks or backup
tapes. SSHA-1 is the best commonly implemented hash at present, but
server administrators should consider moving to better hashes such as the
SSHA-2 series when they become available. Note that passwords protected
using AES and other symmetric algorithms are likely to be recoverable from
stolen media with very little effort as the encryption keys are almost certain
to be present on the same media.
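
The salted, non-reversible storage described above can be sketched as follows. This is an added example, not code from the paper: it builds and checks stored values of the form scheme + base64(digest + salt), and generalises from salted SHA-1 to SHA-2 digests. The {SSHA256} and {SSHA512} tags are an assumption to confirm against your server product.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Scheme tag -> hashlib algorithm. {SSHA} is salted SHA-1; {SSHA256} and
# {SSHA512} are the tags commonly used for salted SHA-2 (assumption: confirm
# which tags your server product accepts before storing them).
SCHEMES = {"{SSHA}": "sha1", "{SSHA256}": "sha256", "{SSHA512}": "sha512"}


def hash_password(password: str, scheme: str = "{SSHA}",
                  salt: Optional[bytes] = None) -> str:
    """Build a stored value: scheme + base64(digest(password + salt) + salt)."""
    algo = SCHEMES[scheme]
    if salt is None:
        salt = os.urandom(16)  # a fresh random salt for every password
    digest = hashlib.new(algo, password.encode("utf-8") + salt).digest()
    return scheme + base64.b64encode(digest + salt).decode("ascii")


def verify_password(password: str, stored: str) -> bool:
    """Re-hash the candidate with the stored salt and compare digests."""
    for scheme, algo in SCHEMES.items():
        if stored.startswith(scheme):
            raw = base64.b64decode(stored[len(scheme):])
            size = hashlib.new(algo).digest_size
            digest, salt = raw[:size], raw[size:]
            candidate = hashlib.new(algo, password.encode("utf-8") + salt).digest()
            return hmac.compare_digest(candidate, digest)
    return False  # cleartext or unknown scheme: never fall back to string compare


if __name__ == "__main__":
    a = hash_password("correct horse")  # constructed sample password
    b = hash_password("correct horse")
    print(a, b, sep="\n")               # same password, different stored values
    print(verify_password("correct horse", a), verify_password("wrong", a))
```

Because the salt differs per entry, two accounts with the same password do not share a stored value, so one precomputed table cannot be reused across a stolen database.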

Many organisations have policies about the choice of passwords, the
frequency of changing them, and what happens if there are repeated
authentication failures. These can be implemented in LDAP systems
[BEHERA], though care is strongly advised when using any features that can
lock out an account. There are several problems, some related to the
distributed nature of LDAP services which can make it impossible to
maintain a truly global view of authentication failures. For the same reason,
it is often difficult to detect locked-out accounts and to unlock them by
administrative action.

Further, as LDAP is often used as a common authentication service behind
several user-facing services, there is a serious risk of unintentional denial of
service. An example of this is where a user changes their password in LDAP
but forgets to (or is unable to) change the stored password in their e-mail
client. Many mail clients will simply retry if they fail to download messages
for any reason, and will rapidly trigger an account lockout affecting many
other services. It is important to remember that availability is also part of
security!

3.4 Access control
Access control is an important contributor to information security, but it is
not standardised in LDAP. Each server product has its own access-control
system, and the capability of these systems varies. Access control lists affect
both integrity and confidentiality, and their design can be an intricate
process. The subject is too large to be treated in detail in this paper, but it is
worth considering the requirements-capture process described in section 7.1
of Writing Access Control Policies for LDAP [FIN2009]:

- What are the subjects (users) and how can they be grouped into
  classes?

- What are the objects that we must control access to? Don't forget the
  non-leaf objects that make up the structure of the DIT.

- What is the security posture of the organisation: open to the world or
  tightly closed?

- How will entries be created and managed? If the directory will be the
  master source of data, who will be administering it?

- What will the directory be used for? What access is required for each
  application to work?

Once the basic policy has been set and the overall shape of the DIT has been
determined, it is useful to work through all the relevant use-cases. For each
one it should be possible to point to a specific entry in the DIT and ask
questions like "Should user A be able to modify the telephone number in this
entry?" or "Should an anonymous user be able to read the surname?" The answers
to these questions provide validation of the policy definition, and also
become specific items in the test suite (see section 3.11 below).

Section 5 of [FIN2009] provides a list of design principles for access control
lists. Some of the more important ones are summarised here:

- ACLs are programs: they should be handled by programmers, not by
  data administrators.

- Place ACLs on the smallest possible number of entries.

- Write the tests first, as this helps to clarify exactly what the
  requirements are.

- Don't write individual account IDs into ACLs: give permissions to
  groups and allow administrators to control membership of the groups.

Where entries can be added to the directory by end users or by data
administrators, it may be appropriate to use DIT Structure and DIT Content
controls to restrict the type of entries that can be added. This is because
LDAP entries often grant the power to do particular things and this often
works even if the entries are in the 'wrong' place, while the access control
lists may not provide adequate control over such entries.

Be aware that the details of access control vary so much between server
products that some policies cannot be completely implemented with some
servers. If detailed access control is important in a new project then this
should be taken into account when choosing server software.

3.5 DIT Design
The shape of the DIT and the attributes chosen to form distinguished names
can both have an effect on security. This is because it is not possible to give
any sort of access to information in an entry without also disclosing the full
DN of that entry. Taking an example from the original X.500 standard
[X501], a person might have the LDAP DN:

    CN=Smith,OU=Sales+L=Ipswitch,O=Telecom,C=UK

It would not be possible to give access to this person's mail attribute without
also exposing the name and location of the department where they work.
Similarly, it would not be possible to use the entry for authentication
(needing only search access to uid and authenticate access to the password)
without also disclosing the user's surname and place of work.

A more subtle problem stems from the inability of many LDAP servers to
hide the existence of an entry whose DN has been guessed. An attacker can
use the DN as the base of a search operation, and will often get a different
error code for existing and non-existing entries even though the access
control lists apparently protect the entry completely.

Many problems can be avoided by collecting all entries describing people into
a single container (e.g. OU=People,O=Telecom,C=UK) and by introducing an
otherwise meaningless uniqueIdentifier attribute for use in the RDN.

3.6 Replication
Replication is an essential technique contributing to availability. Having
multiple servers with identical data allows the service to continue even if one
of the servers fails. Placing servers in multiple locations increases the range
of threats that can be mitigated.

Internet-facing LDAP services should protect against distributed denial of
service (DDoS) attacks. This is hard to achieve in practice due to the very
large botnets that some attackers can mobilise, but one technique worth
considering is to locate servers on disparate networks around the world and
arrange that each server can only be reached from a defined range of source
addresses. Even servers on internal corporate networks can be subject to
DDoS attacks either from malware or by accidental misconfiguration of
desktop systems.

Replication can contribute directly to confidentiality, by providing
public-facing replicas containing only a non-confidential subset of data from
the main servers.

Providing high availability for updates is much harder than providing it for
read-only operations. This is because there is a risk of irreconcilable changes
being applied to two master servers while they are unable to communicate.
In many cases it is better to provide a read-only service while recovering a
failed master rather than risk the integrity of the data.

If high availability for updates is essential, there are some techniques that
will reduce the risks of using multiple master servers:

- Do not permit entries to be renamed.

- Try to ensure that changes to any given entry are always made on the
  same master server.

Be aware that the replication protocols are designed to ensure that user data
within any given server will eventually match that on the master server, but
that there is no guarantee on how long this might take. Any LDAP client that
accesses multiple servers (perhaps as a result of using a load-balancer) may
see inconsistencies affecting the integrity of its view of the data.

3.7 Network
Network firewalls are a well-established security component. Appropriate
firewall rules should be in place to protect all LDAP servers.

Be aware that some applications make long-lived LDAP connections which
may be idle for substantial lengths of time (e.g. out of office hours). Firewalls
that track TCP sessions can have a serious impact on the availability of these
applications as such devices often silently drop idle connections after an
hour or two. The problem is exacerbated by the typical firewall behaviour of
refusing to send Port Unreachable or Reset packets when new traffic arrives
on a dropped connection. If you have to use a firewall of this type, try very
hard to make it close the TCP sessions properly and to send Port Unreachable
packets when appropriate. Failing that, the only safe option is to configure
clients and/or servers to close idle connections before the firewall does.

3.8 SSL and TLS
Most data carried by LDAP is likely to be sensitive, so sessions should be
encrypted as a matter of course.

LDAP server products are required to support Transport Layer Security (TLS)
if they support authentication, so this should be universally available. Most
also support the older SSL encryption using a separate TCP port, though
this usage has never been defined in a standard. Some organisations use
SSL in the mistaken belief that port 636 is in some way more secure than
port 389. This should be resisted: SSL has been deprecated for several years
and there are known attacks against it that will not be fixed.

The correct and standard approach is to start LDAP without encryption and
then negotiate the TLS security layer. If necessary, the server can be
configured to refuse all operations other than 'StartTLS' until TLS is in
place. It would still be wise to permit at least the root DSE to be read without
TLS protection, as many LDAP clients need to read that to detect the server's
ability to do TLS at all.

One important function of TLS is to provide proof to the client that it has
connected to the correct server and that there is no man-in-the-middle
attack in progress. To achieve this protection it is vital for all client systems
to have trustworthy copies of the appropriate X.509 signer (CA) certificate,
and for them to implement the correct validation checks during TLS setup.

Once TLS is in place on the connection, the client should re-read the root
DSE and any other information that it plans to rely on. Servers may give
different answers on secure connections, and in any case it is unwise to
trust any information received over an unprotected link.
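
The client side of the StartTLS exchange described above, as an added example that is not code from the paper: it encodes the StartTLS extended request, refuses to continue unless the server answers with success, and only then wraps the socket in a context that validates the certificate chain and host name. The function names and the TLS 1.2 floor are assumptions of this sketch.

```python
import socket
import ssl
from typing import Optional

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation (RFC 4511)


def starttls_request(msg_id: int = 1) -> bytes:
    """BER-encode an LDAPMessage holding an ExtendedRequest for StartTLS."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    ext = b"\x77" + bytes([len(name)]) + name                   # [APPLICATION 23]
    body = b"\x02\x01" + bytes([msg_id]) + ext                  # INTEGER messageID (1..127)
    return b"\x30" + bytes([len(body)]) + body                  # SEQUENCE


def starttls_result(pdu: bytes, msg_id: int = 1) -> int:
    """Return resultCode from an ExtendedResponse; raise ValueError otherwise.
    Handles short-form BER lengths only, which covers a normal reply."""
    ok = (len(pdu) >= 10 and pdu[0] == 0x30 and pdu[1] == len(pdu) - 2
          and pdu[2:5] == b"\x02\x01" + bytes([msg_id])
          and pdu[5] == 0x78              # [APPLICATION 24] ExtendedResponse
          and pdu[7:9] == b"\x0a\x01")    # ENUMERATED resultCode, one byte
    if not ok:
        raise ValueError("not a StartTLS ExtendedResponse for this message ID")
    return pdu[9]


def strict_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """TLS context that insists on a valid chain and a matching host name."""
    ctx = ssl.create_default_context(cafile=cafile)  # cafile: the signer (CA) cert
    ctx.check_hostname = True                        # defaults, stated explicitly
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2     # assumption: local policy floor
    return ctx


def ldap_starttls(host: str, port: int = 389, cafile: Optional[str] = None,
                  timeout: float = 10.0) -> ssl.SSLSocket:
    """Connect in clear, negotiate StartTLS, return the protected socket."""
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        sock.sendall(starttls_request())
        code = starttls_result(sock.recv(4096))
        if code != 0:  # anything but success: stop, never continue in clear
            raise ConnectionError(f"StartTLS refused, resultCode={code}")
        # The handshake fails here if the certificate or host name is wrong.
        return strict_context(cafile).wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    # Caller: re-read the root DSE over the returned socket before relying on it.
```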

3.9 Server configuration
To protect service availability, servers should apply limits on the size of
search results. Large result sets can consume significant amounts of
memory, and can take a long time to transfer to the client. The appropriate
value for the limit depends on the application: a server that is just
supporting authentication for other applications might reasonably set the
limit as low as two entries, but one supporting a browsable 'white pages'
service might have to allow results of 100 entries or more.

The setup of the host operating system has a bearing on security. Normal
good practice should be followed. Consideration should be given to using a
dedicated machine or virtual machine to host LDAP server instances. If
using virtual machines then be aware that some databases interact badly
with some virtualisation technologies.

The standard LDAP TCP port is within the 'System Ports' range. On most
Unix-like servers such ports can only be bound by the root user, so LDAP
server processes are normally started by root. It is not desirable to run
network-facing services under this all-powerful username, so a dedicated
account should be provided for the server to switch to as soon as the port
has been bound. Better still would be to start the server as a non-root user
and either bind to a non-privileged port, or make use of the POSIX
CAP_NET_BIND_SERVICE capability to permit binding to the standard port.

LDAP servers need a persistent data store. Some products use a networked
relational database, others have an embedded database using local files. In
either case the security of the database must be carefully managed to avoid
an attacker bypassing the LDAP server and stealing data directly.

Some databases offer on-disk encryption. This may be a useful contribution
to security, but bear in mind that the server must have access to the
encryption key so in many cases an attacker who steals a copy of the
database will also get the key to decrypt it from the same place.

All LDAP servers and databases store at least part of their configuration (and
often all of their data) in local files. These must be properly protected by file
system permissions so that the contents cannot be read or written by any
account other than the one that the server runs under. Some servers encrypt
parts of their configuration, but as with encrypted databases it is likely that
an attacker could steal the encryption keys as easily as the files themselves.
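
One way to check the file-permission requirement in the last paragraph, as an added example that is not code from the paper: it walks a server's configuration or data directory and reports anything not owned by the server account or usable by another account. The function name and the sample tree are constructed for illustration.

```python
import os
import stat
from typing import List, Tuple

# Any group or "other" permission bit lets a second account read, write or traverse.
FORBIDDEN_BITS = stat.S_IRWXG | stat.S_IRWXO


def audit_tree(root: str, server_uid: int) -> List[Tuple[str, str]]:
    """Return (path, problem) pairs for everything under root that an
    account other than server_uid could read, write or replace."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Check the directory itself, its files, and any symlinked
        # subdirectories (os.walk lists those but does not descend into them).
        links = [d for d in dirnames if os.path.islink(os.path.join(dirpath, d))]
        names = [os.path.join(dirpath, n) for n in filenames + links]
        for path in [dirpath] + names:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                findings.append((path, "symlink: target not covered by this audit"))
                continue
            if st.st_uid != server_uid:
                findings.append((path, f"owner uid {st.st_uid} is not the server account"))
            extra = stat.S_IMODE(st.st_mode) & FORBIDDEN_BITS
            if extra:
                findings.append((path, f"group/other permission bits set: {extra:03o}"))
    return findings


if __name__ == "__main__":
    import tempfile
    # Constructed sample tree standing in for a server's config and data directory.
    with tempfile.TemporaryDirectory() as top:
        os.chmod(top, 0o700)
        for name, mode in (("server.conf", 0o600), ("data.db", 0o640)):
            path = os.path.join(top, name)
            open(path, "w").close()
            os.chmod(path, mode)
        for path, problem in audit_tree(top, os.getuid()):
            print(f"{path}: {problem}")
```

Running it from the permanent test suite after every configuration change catches files that a package upgrade or a manual edit left readable by other accounts.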

3.10 OS issues
LDAP servers can be very efficient, with one machine serving many
thousands of clients. This leads to the risk of hitting file-descriptor limits
and TCP connection limits in the operating system. Any such limits must be
set to suitable values to preserve the availability and performance of the
service. Servers that could be subject to DDoS attack may need these limits
set to extreme values, with commensurate amounts of memory available in
support.

Add-on security services such as AppArmor and SELinux are sometimes
used to harden network-facing processes. This can be a useful backstop in
case of coding errors in the LDAP server. It is important to review the
configuration of these services, particularly if the LDAP server configuration
being used is different from the supplier's default setup.

3.11 Testing
Every LDAP service should have a permanent test suite. This is particularly
necessary where the access control rules are complex. Tests should be
written as part of the development process, and relevant parts of the test
suite should be run frequently during development. When the service goes
into production, the test suite should be kept up to date and run whenever
any configuration changes are made. It may be necessary to split the tests
into two sets so that as many as possible can be run routinely against the
production environment.

Tests should cover at least:

- Access control rules

- Authentication methods

- TLS

- Size limits

- Referential integrity (if the server is configured to enforce this)

4 Service management
4.1 Constant service
LDAP is often used by multiple user-facing services, so maintaining
availability is extremely important. With careful planning it should be
possible to do complete hardware and software upgrades without any break
in service. This can be achieved using replica servers, and either client-side
fallback or (preferably) LDAP-aware proxies and load-balancers.

Client software often deals poorly with server failures. A solution for this
problem is to run an LDAP proxy service on each client system so that client
software is always talking to a local (presumably highly available) service.

4.2 Development and Test environments
Normal good practice dictates that Development and Test environments
should be completely isolated from the Production environment. A more
difficult decision is what data to load in those environments: a copy of the
production data gives the best emulation of the production environment, but
the data is still sensitive and subject to strict legal protection.

A representative set of synthetic test data should be generated and used as
the normal load on both Development and Test systems. The dataset must
be large enough to give realistic results to client queries. Occasionally it may
be necessary to load a copy of the Production data on the Test system, in
which case care must be taken to protect it and to erase it completely when
it is no longer needed.

5 Human factors
It is generally recognised that the legitimate users of an IT system are the
most likely route for a successful attack on the security of that system. This
should be countered by training and awareness campaigns, but system
design has a part to play too. Any system that makes it too hard for people
to do their job will eventually be subverted or bypassed by the users. This
suggests that the technical controls should not be set too strictly.

Further, there has to be a trade-off between human-enforced and
machine-enforced policies. The LDAP server cannot be aware of the intention
behind a particular operation, so it can only enforce very simple rules based
on the data that it holds. Business logic in other applications may have a wider
view, but ultimately the decisions have to be made by people.

A model that has value in some organisations is to trust staff to make
routine updates, but to notify each update to a 'directory editor' who can
keep a broad watch on data quality.

6 Monitoring and Audit
One of the secondary security properties mentioned in [ISO27000] is
accountability. This can be provided by logging and auditing.

Most LDAP servers have the ability to log changes (and usually other
operations) in text format. This is very useful to developers and system
managers, but the format is not always convenient for audit. Some servers
have the ability to maintain a changelog or a generic operation log in a
database that can be searched using normal LDAP operations. This can be a
good way to provide accountability, as it is usually easy to formulate queries
such as 'On what occasions was the password changed on this account?'

Be aware that there is a cost to all logging, and for searchable logs it can be
quite high because each event must be recorded and indexed in a database.
This can make full accountability infeasible on busy services.

7 References
[BEHERA] Password Policy for LDAP Directories, Sermersheim, J.,
Poitou, L., Chu, H. Ed.,
draft-behera-ldap-password-policy-10.txt, August 2009

[FIN2009] Writing Access Control Policies for LDAP, Findlay, A., UKUUG
conference proceedings, spring 2009
http://www.skills1st.co.uk/papers/ldapaclsjan2009/

[ISO27000] ISO/IEC 27000:2009 Information technology - Security
techniques - Information security management systems -
Overview and vocabulary, ISO/IEC, Geneva, 2009

[ISO27001] ISO/IEC 27001:2005 Information technology - Security
techniques - Information security management systems -
Requirements, ISO/IEC, Geneva, 2005

[ISO27002] ISO/IEC 27002:2005 Information technology - Security
techniques - Code of practice for information security
management, ISO/IEC, Geneva, 2005

[RFC4422] RFC 4422: Simple Authentication and Security Layer (SASL),
Melnikov, A., Ed., and Zeilenga, K., Ed., June 2006

[RFC4510] RFC 4510: Lightweight Directory Access Protocol (LDAP):
Technical Specification Road Map, Zeilenga, K., Ed., June 2006

[RFC4513] RFC 4513: Lightweight Directory Access Protocol (LDAP):
Authentication Methods and Security Mechanisms, Harrison,
R., Ed., June 2006

[RFC4120] RFC 4120: The Kerberos Network Authentication Service (V5),
Neuman, C., Yu, T., Hartman, S., Raeburn, K., July 2005

[X501] The Directory - Models, Recommendation X.501 / ISO 9594-2,
ISO/CCITT, Geneva 1988

Contact
Dr Andrew Findlay
Skills 1st Ltd
2 Cedar Chase
Taplow
Maidenhead
SL6 0EU
+44 1628 782565
andrew.findlay@skills1st.co.uk
www.skills1st.co.uk