Supported Active Directory Authentication methods

Q. What Active Directory authentication methods are supported by the InterMapper Authentication server?

A. A: IMAuth supports basic authentication, with or without SSL, and DIGEST-MD5 encryption. Your AD server must support SSL, allow plaintext LDAP binds, or have the â€˜reversible encryptionâ€™ setting enabled for users you intend to authenticate. If your server doesnâ€™t meet these requirements, there are two alternate solutions:

1. Many networks with an AD domain controller also run Microsoft IAS, which may work better with IMAuth.

2. You can use ADâ€™s native Kerberos infrastructure. This requires you to create an â€˜imauthâ€™ user in AD, then use Microsoftâ€™s ktpass utility to produce an RC4-HMAC key for that user. This can then be uploaded as the Kerberos Service Key in IMAuthâ€™s Kerberos settings. The following tech-note describes this process in detail:

Using Kerberos with InterMapper
Â

Supported Active Directory Authentication methods

+1 800-328-1000

[email protected]

Infrastructure Protection & Data Security

Managed Security Services

Automation

IBM i