Security Parameters

During installation, the driver gathers the necessary information and creates default security policies and parameters. Before you begin customizing your Active Directory driver, you should become familiar with the following:

Understanding how the parameters work together and work with the operating system helps you define your approach to security for Nsure™ Identity Manager data synchronization.


Recommended Security Configurations


Using the Identity Manager Remote Loader

Recommended settings:

| Parameter | Description |
| --- | --- |
| Authentication ID | The domain logon name, for example Administrator |
| Authentication Context | The DNS name of the domain controller. If you don't want to run the driver on your Active Directory domain controller, use the hostname for the Negotiate method, but use the hostname or the IP address for the Simple method. |
| Application Password | The password used for the authentication account |
| Remote Loader Password | The password for the Remote Loader service |
| Authentication Method | Negotiate |
| Use Signing | No. Requires Windows 2003 or Windows 2000 with the most recent support pack, and Internet Explorer 5.5 SP2 or later on both servers. |
| Use Sealing | No. Requires Windows 2003 or Windows 2000 with the most recent support pack, and Internet Explorer 5.5 SP2 or later on both servers. |
| Use SSL | Yes. SSL is required to perform Subscriber password check, set, and modify when the driver shim isn't running on the domain controller. |


Using SSL

SSL is recommended if you have selected the Simple authentication mechanism because Simple authentication passes passwords in clear text.

| Parameter | Description |
| --- | --- |
| Authentication ID | LDAP format Authentication ID |
| Authentication Context | IP address of domain controller |
| Password | The password for the specified Authentication ID |
| Use Signing | No |
| Use Sealing | No |
| Use SSL | Yes |
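
The constraints stated in the two tables above can be checked mechanically before a driver configuration is deployed. The following is an added example, not part of the Identity Manager documentation or product; the dictionary keys, hostname, and address are assumptions made for illustration.

```python
import ipaddress

def is_ip_literal(value):
    """True when the Authentication Context is an IP address, not a hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def review_driver_settings(cfg):
    """Return (severity, message) findings for one settings dict.

    Keys are hypothetical names for this example, not the driver's own
    parameter identifiers.
    """
    findings = []
    method = cfg["auth_method"].lower()
    ssl = cfg["use_ssl"]
    remote = not cfg["shim_on_domain_controller"]

    if method not in ("negotiate", "simple"):
        return [("high", "unknown authentication method: " + cfg["auth_method"])]
    if method == "simple" and not ssl:
        findings.append(("high", "Simple without SSL passes passwords in clear text"))
    if remote and method == "negotiate" and is_ip_literal(cfg["auth_context"]):
        findings.append(("high", "Negotiate needs a hostname as Authentication Context"))
    if remote and not ssl:
        findings.append(("medium", "Subscriber password check, set, and modify need SSL "
                                   "when the shim is not on the domain controller"))
    return findings

# Constructed sample settings (hostname and address are documentation placeholders).
RECOMMENDED_REMOTE = {"auth_method": "Negotiate", "auth_context": "dc1.example.com",
                      "use_ssl": True, "shim_on_domain_controller": False}
SIMPLE_NO_SSL = {"auth_method": "Simple", "auth_context": "192.0.2.10",
                 "use_ssl": False, "shim_on_domain_controller": False}
NEGOTIATE_BY_IP = {"auth_method": "Negotiate", "auth_context": "192.0.2.10",
                   "use_ssl": True, "shim_on_domain_controller": False}

if __name__ == "__main__":
    samples = {"recommended": RECOMMENDED_REMOTE, "simple-no-ssl": SIMPLE_NO_SSL,
               "negotiate-by-ip": NEGOTIATE_BY_IP}
    for name, cfg in samples.items():
        results = review_driver_settings(cfg)
        print(name, "OK" if not results else "")
        for severity, message in results:
            print("  [%s] %s" % (severity, message))
```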