6.1 Securing Driver Connections

For the driver to set a password in Active Directory (Subscriber channel), it must have a secure connection provided by one of the following conditions:

  • The remote loader runs on a domain controller: Use the Negotiate authentication method to create the connection. The driver does not require connection security between the remote loader and Active Directory. The driver supports bi-directional password synchronization.

  • The remote loader runs on a member server: Use the Negotiate authentication method to create the connection. The driver requires connection security between the remote loader and Active Directory, using either SSL or signing and sealing. The driver supports bi-directional password synchronization.

  • The remote loader runs on a server outside the domain: Use the Simple authentication method to create the connection. The driver requires connection security using SSL between the remote loader and Active Directory. The driver supports password synchronization only on the Subscriber channel.

Configure the authentication method and enable SSL or signing and sealing in the driver parameters. For more information, see Driver Parameters.