Extension:LDAP Authentication/Configuration Example Notes

SSL
Notice that SSL is enabled in all examples. Your LDAP server may or may not require SSL. If you do not require SSL (if you set AD to not require signed communications), you can set that option to "false". Be aware that doing so will cause your domain user's passwords to be sent over the line in the clear.

For SSL to work, you must install an SSL certificate on your LDAP server, your wiki's server must trust the LDAP server's CA, and the DNS name of your LDAP server must resolve to the cn on the certificate issued.

Remember, if your web server does not use SSL (URL starts with http:// ), your password will be transmitted in clear text from the client browser to the web server. This is independent of the SSL settings described below from the web server to the LDAP server.