03-15-2012 07:42 AM - edited 03-10-2019 06:54 PM
Pretty sure this is a dumb question, but are the connections between the ACS and external identity stores encrypted?
I know that when setting up an LDAP identity store there is the option to specify an SSL connection. Are the other connections encrypted by default, or is the data sent between the ACS and AD, for example, sent in the clear?
03-16-2012 06:30 AM
It all depends on the identity store you are talking about.
If it's a RADIUS identity store (token server for example) then they talk RADIUS so there is a shared secret to encrypt the private data. All the attributes are still in the clear though.
Active Directory is using Kerberos/NTLM encryption for everything.
LDAP, as you said, is either in the clear or SSL encrypted.
08-16-2012 10:07 PM
Hi Nicholas
Can ACS 5.3 connect to multiple external databases, e.g. connect to 2 different Windows AD?
08-16-2012 11:44 PM
No.
You would need to add the 2nd AD as "ldap" database.