Setting connection security

About this task

The following properties define the level of security to be used on the connection to the LDAP server. Set the following parameter to simple so that the IBM® BigFix® Remote Control server can communicate with most Active Directory servers.

ldap.security_authentication

Specifies the security level to use. Value can be set to one of the following strings: none, simple, strong. If this property is unspecified, the behavior is determined by the service provider.

ldap.security_athentication=simple

While most LDAP servers support simple plain text login, some Active Directory administrators require a secure connection. IBM BigFix Remote Control supports two types of secure connections to an Active Directory server, SASL (Digest-MD5) or SSL. If you cannot connect to the Active Directory server and see the following error in the trc.log:

LDAP Authentication.exception[LDAP: error code 8 - 00002028: LdapErr: DSID-0C09018A,
comment: The server requires binds to turn on integrity checking if SSL\TLS are not 
already active on the connection, data 0, vece ]

IBM BigFix Remote Control needs to be configured for either SASL or SSL connections.