Sending encrypted logon/password to Active Directory

This topic is locked

Sending encrypted logon/password to Active Directory	10/10/2014 1:40:23 PM
ASPRunnerPro General questions
M Mike Nagel author Our IT security team recently did a scan of the ASP code generated for one of our apps and has noted that the login and passwords are being sent in the clear when being authenticated against Active Directory. Can these be encrypted? If so, how do I go about that? Thanks!

Mark as Solved Mark as not solved

2 replies


	admin 10/11/2014
	Try to edit source\classes\runnerldap.asp file the following way. Find method_runner_ldap_connect function and add a line in bold. Let me know if this helps. Function method_runner_ldap_connect(byref this_object,ByVal aUsername,ByVal aPassword) Set this_object.ldapconn = Server.CreateObject("ADODB.Connection") this_object.ldapconn.Provider = "ADSDSOObject" this_object.ldapconn.Properties("ADSI Flag") = 1 this_object.ldapconn.Properties("Encrypt Password") = 1 this_object.ldapconn.Open "ADs Provider", aUsername, aPassword method_runner_ldap_connect = true End Function


M	Mike Nagel author 10/14/2014
	Sergey, Thanks for the quick feedback. I've made the change and asked for another security scan to be run. I'll let you know the outcome.

2 replies

Mark as Solved Reply