Matt,
* Desidero (desidero@gmail.com) wrote:
> I agree that it would be better for us to use something other than LDAP,
If you happen to be using Active Directory, then you should really be
using Kerberos-based auth instead. AD includes both LDAP and a KDC and
the LDAP half is really *not* the way to handle authentication in that
environment (or, well, really, LDAP isn't a terribly secure option in
any environment, but if it's all you've got and you're not allowed to
change then I suppose there's not much to be done about it).
Thanks!
Stephen