Password repositories

Airlock IAM supports different types of password repositories, i.e. types of systems that store information required for checking passwords:



Relational database

Password hash values (and salts) are stored in a relational database with the IAM database schema. In this case, the password hashing algorithm is chosen in the IAM configuration.

This is the recommended password repository supporting the largest feature set.

LDAP directory

Passwords can be stored in and checked against LDAP directories.

Typically, the LDAP directory takes care of password hashing.

MS Active Directory

Passwords are stored and managed in an MS Active Directory (MSAD) over the LDAP interface.

The MSAD takes care of password hashing.

RADIUS server

IAM can check passwords by calling a RADIUS interface of a third-party system. It is limited to verifying passwords. Password change and policy checks are not supported.