Moodle and LDAP Security Concerns

Printable View

26th October 2007, 07:32 PM
Optimus

Moodle and LDAP Security Concerns

Hi we have set up a Moodle site on our Win2003 webserver. The webserver is in school and can easily be connected to our network for LDAP authentication (tried it quickly and it works beautifully!), however, I have pulled the cable for now as I don’t know how best to secure it! We don’t want all and sundry hacking into our school network – so what have other places done to combat this potential problem!

Is blocking all ports except LDAP (389?) acceptable? Do we need another ISA between the webserver and our network monitoring all traffic? Any suggestions welcome! 8O
27th October 2007, 10:29 PM
dhicks

Re: Moodle and LDAP Security Concerns

Your LDAP server can see your web server, just not the other way around. Install an LDAP server on your web server and have the master LDAP server replicate (push) its data to the one on your web server.

--
David Hicks
31st October 2007, 03:32 PM
Optimus

Re: Moodle and LDAP Security Concerns

Going to have a play next week! Thanks!
10th December 2007, 06:28 PM
brubakes

Re: Moodle and LDAP Security Concerns

Quote:

Originally Posted by dhicks

Your LDAP server can see your web server, just not the other way around. Install an LDAP server on your web server and have the master LDAP server replicate (push) its data to the one on your web server.

--
David Hicks

We have done the same thing. Our moodle install looks to our web server for its LDAP config.

All times are GMT +1. The time now is 12:53 AM.

Powered by vBulletin® Version 4.2.0
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
SEO by vBSEO ©2011, Crawlability, Inc.

Copyright EduGeek.net
Digital Point modules: Sphinx-based search