Helpful comparison.
Underrated!
LDAP is a slow and vulnerable protocol without SSO and useful to attack own infrastructure. Kerberos is a complicated and strong auth protocol with SSO support based on a day cache - of course if you are a programmer in C/C++/Python/Go/Rust/…. Java programmers forget Kerberos if you do not read MIT RFC and use all by default.
Feedback:
- Background music obstructs understanding. It's too invasive.
- The important information is not shown as text in the video, but only given verbally. A good comparison with that is very difficult.
Smooth explanation. THANKS!!!!
great video
Student here, I thought that LDAP was the protocol that Active Directory (authentication & authorization capabilities) was built on. Also, aren't Kerberos & LDAP often paired together to provide secure access to resources stored on a directory over the internet?
LDAP is a protocol that is used to obtain information from a database using TCP/IP remotely. Kerberos is an authentication protocol used to authenticate principals (users, computers and services) across a network (so a client can gain access to a file server, for example), and Active Directory allows you to apply computer policy to clients, servers, users or groups of users. ADDS (Active Directory Domain Services) contains all three: one is the database (Active Directory), one is the authentication service (Kerberos) and one is used to query/modify the database over a network (LDAP). I hope this clears it up a little for you.
very helpful