Setting connection security
About this task
The following properties define the level of security to be used on the connection to the LDAP server. Set the following parameter to simple so that the BigFix® Remote Control server can communicate with most Active Directory servers.
- ldap.security_authentication
- Specifies the security level to use. Value can be set to one of the following strings: none,
simple, strong. If this property is unspecified, the behavior is determined by the service provider.
ldap.security_athentication=simple
While most LDAP servers support simple plain text login, some Active Directory administrators
require a secure connection. BigFix® Remote
Control supports two
types of secure connections to an Active Directory server, SASL (Digest-MD5) or
SSL. If you cannot connect to the Active Directory server and see the following
error in the trc.log:
LDAP Authentication.exception[LDAP: error code 8 - 00002028: LdapErr: DSID-0C09018A,
comment: The server requires binds to turn on integrity checking if SSL\TLS are not
already active on the connection, data 0, vece ]
BigFix® Remote Control needs to be configured for either SASL or SSL connections.