Secure LDAP connections

Secure connections provide additional protection for an LDAP integration.

The LDAP integration ensures security by connecting from a single machine that uses a fixed IP address through a specific port on the firewall. Furthermore, the connection requires a read-only LDAP account of your choosing for authentication. If you need additional protection for the LDAP integration, you can use one of these security features:

Table 1. Secure LDAP connections
| Connection | Description |
| --- | --- |
| MID Server | To shield your LDAP server from external network traffic, install a MID Server on the local network and configure the system to communicate with the MID Server over a secure channel. |
| LDAPS | To establish an encrypted LDAPS connection, load the public side of your LDAP server SSL certificate. The integration uses the certificate to encrypt all communication between the LDAP server and the instance. |
| VPN | To secure the LDAP server with an encrypted point-to-point IPSEC VPN tunnel, speak to your account manager for details and pricing. |

For more information about VPNs, MID Servers, and LDAP integrations, see "You Don't Need A VPN Part I" on the ServiceNow Community.