In our environment, the information security department has prohibited all anonymous as well as unencrypted LDAP queries. This makes it impossible for us to have Windows user accounts in the Mart in 9.64, since it appears that the ERwin mart server is passing anonymous LDAP queries. Our workaround is to have our users remember another password for this one application.
Other applications do natively include this functionality.
Please consider a provision to do the following:
- Have a named domain account perform the LDAP query to AD for user authentication.
- Encrypt the network traffic for that LDAP query from ERwin to the AD domain controllers.
Please sign in to leave a comment.