Symantec IGA

  • Private Community
 View Only

  • 1.  Authenticated with Clear Text credentials using LDAP simple bind

    Posted Mar 22, 2020 03:06 PM
    Hi Team ,

    Please need your help in CA IDM

    when ever i restart the im_ccs and im_jcs service of (Connector Server). The below message is coming.

    " ADMIN Authenticated with Clear Text credentials using LDAP simple bind " 

    these is coming in production servers

    Please need your help .

    Thanks & Regards
    Mohan


  • 2.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Broadcom Employee
    Posted Mar 23, 2020 07:59 AM
    Where do you see this message appear?
    Original Message


  • 3.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Posted Mar 23, 2020 09:51 AM
    Hi Kenneth,

    Please help us

    When IT security run there scanner the below message is captured in there logs .

    " ADMIN Authenticated with Clear Text credentials using LDAP simple bind "
    using LDAP - Connector server  computer name - Connector server  IP address.  
    - Domain Controller(AD) name

    Thanks & Regards
    Mohan 
    Original Message


  • 4.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Broadcom Employee
    Posted Mar 23, 2020 09:55 AM
    In which log?
    Original Message


  • 5.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Posted Mar 23, 2020 12:27 PM

    Hi Kenneth,

    Team run the  " Azure ATP - monitors AD activity" report weekly.
    Alert is raised when it happens  " ADMIN Authenticated with Clear Text credentials using LDAP simple bind "
    using LDAP - Connector server  computer name - Connector server  IP address.
    - Domain Controller(AD) name.

    ->The above alert is reported in  " Azure ATP - monitors AD activity" 
    ->we have observed that when ever the im_ccs and im_jcs services are restarted the above alert is getting triggered
    ->our connector servers are installed in Windows machines.
    ->we have connected the AD endpoint with IDM with SSL recommended.

    Thanks & Regards
    Mohan


    Original Message


  • 6.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Broadcom Employee
    Posted Mar 23, 2020 01:05 PM
    I do not know what " Azure ATP - monitors AD activity" is. What log is that monitoring?
    Original Message


  • 7.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Posted Mar 24, 2020 03:04 PM
    Hi Kenneth,

    when i was checking the logs i  have found the failure message(F: FAILURE: Search (eTADSDirectoryName=AD)) in " satranslog ".
    please need your help 

    Search (eTADSDirectoryName=AD) Request
    ADS:----:P: dn: eTADSDirectoryName=AD NA,eTNamespaceName=ActiveDirectory,dc=im,dc=etasa
    ADS:----:P: base-dn: eTADSDirectoryName=AD,eTNamespaceName=ActiveDirectory,dc=im,dc=et
    ADS:----:P:+ asa
    ADS:----:P: scope : BASE
    ADS:----:P: filter : (objectClass=*)
    ADS:----:P: size-limit: 0
    ADS:----:P: attrs : 1.1
    ADS:----:F: FAILURE: Search (eTADSDirectoryName=AD), entry-count: 0
    ADS:----:F: rc: 0x0020 (No such object)

    Thanks & Regards
    Mohan
    Original Message


  • 8.  RE: Authenticated with Clear Text credentials using LDAP simple bind

    Broadcom Employee
    Posted Mar 25, 2020 09:48 AM
    It is still not clear to me in which log the below was seen in. Please provide that information.

     " ADMIN Authenticated with Clear Text credentials using LDAP simple bind "
    using LDAP - Connector server  computer name - Connector server  IP address.
    - Domain Controller(AD) name.
    Original Message


  • 9.  RE: Authenticated with Clear Text credentials using LDAP simple bind
    Best Answer

    Posted Mar 26, 2020 10:52 AM
    Simple authentication consists of sending the LDAP server the fully qualified DN of the client (user) and the client's clear-text password. This mechanism has security problems because the password can be read from the network .-------------------------------------------

    MyLowesLife