By default, NTLMv2 is used if Kerberos is not configured and enforced in the environment for Lightweight Directory Access Protocol Secure (LDAPS) by editing the registry keys to enable LDAPS as the authentication mechanism. Kerberos will be used when LDAPS is enabled.
The following Enhancement Request ID#: 294694, has been created to add an option within the PMAdmin site to enable LDAPS without having to modify registry keys to enforce LDAPS authentication.
NOTE: The Password Manager Host server will use NTLM for the PMAdmin website even when LDAPS is enabled in the registry, and may report errors in the Windows Event Viewer logs for NTLM. This does not compromise the security of the product and can be ignored at this time.
WORKAROUND
If LDAPS is not configured on the Password Manager host server the default authentication used will be NTLMv2.
To enable LDAPS to use Kerberos the following registry keys need to be edited as outlined here: How to enable LDAP over SSL for Password Manager. (314916)
STATUS
Contact your current Sales Account Manager for updates on Enhancement Request ID: 294694.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Términos de uso Privacidad Cookie Preference Center