Password repositories
Airlock IAM supports different types of password repositories, i.e. types of systems that store information required for checking passwords:
Type | Description |
|---|---|
Relational database | Password hash values (and salts) are stored in a relational database with the IAM database schema. In this case, the password hashing algorithm is chosen in the IAM configuration. This is the recommended password repository supporting the largest feature set. |
LDAP directory | Passwords can be stored in and checked against LDAP directories. Typically, the LDAP directory takes care of password hashing. |
MS Active Directory | Passwords are stored and managed in an MS Active Directory (MSAD) over the LDAP interface. The MSAD takes care of password hashing. |
RADIUS server | IAM can check passwords by calling a RADIUS interface of a third-party system. It is limited to verifying passwords. Password change and policy checks are not supported. |