Save the Date: LDAPCon returns in 2026! 📣
After 7 years, #LDAPCon is back — OCT 6–8 in Tübingen, Germany!
3 days of workshops, talks, & networking around #LDAP, directory services, and #IdM.
More details and a website will follow.
#LDAP
Bug Bounty Tutorial Series—Part 2: Understanding SSRF (Server-Side Request Forgery)
This article focuses on Server-Side Request Forgery (SSRF), a technique used to execute requests from a vulnerable server to internal or external resources controlled by an attacker. The underlying flaw revolved around insufficient validation of user input in a DNS resolver component, allowing the researcher to control the hostname and manipulate requests made via the resolver. By crafting a specially-crafted payload using JavaScript to invoke an LDAP query against an internal Microsoft Active Directory server, the researcher obtained the domain administrator's email address. The article explains that SSRF attacks can be used for various malicious purposes like lateral movement, data exfiltration, and reconnaissance. The researcher received a bounty of $1000, with the organization addressing the issue by whitelisting trusted IP ranges and disabling external DNS resolution where possible. Key lesson: Validate user input in resolvers to prevent Server-Side Request Forgery attacks and their potential consequences. #BugBounty #SSRF #Cybersecurity #WebSecurity #LDAP
🔐 LDAP es el protocolo que permite gestionar usuarios y accesos en redes empresariales. Conoce cómo funciona, sus puertos y aplicaciones prácticas. 💻
Lee más 👉 https://www.soloingenieria.org/ingenieria-en-sistemas-computacionales/ldap/
Imagen creada con IA.
#LDAP #RedesDeComputadoras #SeguridadInformática #ProtocolosDeRed #IngenieríaEnSistemas #TecnologíaEmpresarial
Sin LDAP, cada aplicación empresarial necesitaría su propia base de usuarios. Este protocolo unifica todo en un solo directorio. La centralización bien aplicada ahorra tiempo y reduce errores. 🔐
#LDAP #RedesDeComputadoras #SeguridadInformática #ProtocolosDeRed #IngenieríaEnSistemas #TecnologíaEmpresarial
AlpOSS – Le Renouveau de l'Écosystème Open Source Alpin
AlpOSS 2026: The Rise of a Regional Open Source Powerhouse
Worteks kehrt auf die AlpOSS 2026 zurück
🏔️ Worteks revient à AlpOSS ! 🏔️
💬 Rendez-vous sur notre stand pour discuter avec nos experts.
🎤 Cette année, @clementoudot animera la conférence : “Des outils IAM Open Source pour OpenLDAP et Active Directory, votre RSSI vous dira merci !”
📅 17 février 2026
📍 Échirolles
🎟️ Inscription sur : https://alposs.fr
Organisé par @echirolles @Belledonne_Communications et @ow2
I’ve documented a clean, native way to integrate FreeBSD 15 into a FreeIPA realm. No heavy dependencies, no Python shims, just pure Kerberos (GSSAPI) and nslcd.
We get full SSH SSO, automated home directories, and centralized sudo rules using standard BSD tools. Pure, stateless, and sane.
How to Deploy #LDAP Server and Client on Rocky Linux #VPS (389 Directory Server Guide) Below is a comprehensive, step-by-step guide to deploying the 389 Directory Server on Rocky Linux VPS instances, and configuring a separate Rocky Linux machine as an LDAP client.
It covers everything from package installation and initial instance setup, through ...
Continued 👉 https://blog.radwebhosting.com/how-to-deploy-ldap-server-and-client-on-rocky-linux-vps-389-directory-server-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #rockylinux #selfhosting #security #selfhosted #opensource #directoryserver #letsencrypt #identitymanagement
How to Deploy #LDAP Server and Client on Rocky Linux #VPS (389 Directory Server Guide) Below is a comprehensive, step-by-step guide to deploying the 389 Directory Server on Rocky Linux VPS instances, and configuring a separate Rocky Linux machine as an LDAP client.
It covers everything from package installation and initial instance setup, through ...
Continued 👉 https://blog.radwebhosting.com/how-to-deploy-ldap-server-and-client-on-rocky-linux-vps-389-directory-server-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #security #selfhosting #opensource #rockylinux #directoryserver #selfhosted #letsencrypt #identitymanagement
How to Deploy #LDAP Server and Client on Rocky Linux #VPS (389 Directory Server Guide) Below is a comprehensive, step-by-step guide to deploying the 389 Directory Server on Rocky Linux VPS instances, and configuring a separate Rocky Linux machine as an LDAP client.
It covers everything from package installation and initial instance setup, through ...
Continued 👉 https://blog.radwebhosting.com/how-to-deploy-ldap-server-and-client-on-rocky-linux-vps-389-directory-server-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #selfhosting #directoryserver #rockylinux #letsencrypt #opensource #identitymanagement #security #selfhosted
Как не внимательная установка безобидного ПО, может привести к компрометации всего домена
В этой статье речь пойдет об интересном кейсе захвата компании во время проекта по пентесту. Подробно разберем причины пробелов в безопасности и как предотвращать такие проблемы в будущем. Будет много практики по Active Directory, RBCD, PostgresSQL и реальных инструментов, которые используются современными специалистами по проникновению.
https://habr.com/ru/companies/hex_team/articles/988008/
#redteam #pentest #activedirectory #windows #kerberos #rce #rbcd #ldap #privelege_escalation #цифровая_гигиена
How to Deploy #LDAP Server and Client on Rocky Linux #VPS (389 Directory Server Guide) Below is a comprehensive, step-by-step guide to deploying the 389 Directory Server on Rocky Linux VPS instances, and configuring a separate Rocky Linux machine as an LDAP client.
It covers everything from package installation and initial instance setup, through ...
Continued 👉 https://blog.radwebhosting.com/how-to-deploy-ldap-server-and-client-on-rocky-linux-vps-389-directory-server-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #identitymanagement #rockylinux #selfhosting #directoryserver #letsencrypt #selfhosted #security #opensource
🎊 LTB Service Desk 0.8 released!
ℹ️ LDAP Tool Box Service Desk is a web application for administrators and support teams. It allows to browse and manage (create/modify/delete) accounts in an LDAP directory, view and update their password and security status.
🆕 Improvements on hooks, performances, password history viewer and attributes properties (mandatory, tooltips, patterns)
🔗 https://projects.ow2.org/view/ldaptoolbox/ltb-service-desk-0-8-released
See you next month at @alposs !
I hit a big(ish) limitation with lldap.
I can not use it for samba authentication. It needs objects specifically for Samba, which lldap doesn't support.
Fortunately, I don't have a lot of users on my file server. So I can use lldap for user and group id mapping, but then a local smbpasswd file for auth.
From Code to Coverage (Part 2): The Whitespace Nightmare: Writing Sigma Rules That Actually Match: https://www.huntress.com/blog/ldap-active-directory-detection-part-two
From Code to Coverage (Part 1): The OID Transformation That Hinders LDAP Detection: https://www.huntress.com/blog/ldap-active-directory-detection-part-one
OpenLDAP : configurer le LDAPS pour sécuriser les connexions (Red Hat 9 / Debian 13) https://www.it-connect.fr/tuto-openldap-configurer-le-ldaps-linux/ #Linux #LDAP
Hello #yunohost and #matrix users.
Maybe you know that Synapse for Matrix is not light-weight and its proposed successor Dendrite is not ready yet. A nice light-weight alternative is Conduit.
Conduit has still no support for #LDAP even though it was requested a few years ago.
TIL there are several Conduit forks :
https://slrpnk.net/post/31897087
At least one of them, Tuwunel, does have LDAP support since April.
https://github.com/matrix-construct/tuwunel/issues/1
This means that you can setup a Yunohost server, add friends, family as new users in Yunohost, install Tuwunel and the users will be able to use your light-weight Matrix (via Tuwunel) server.
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst