IDM Password Synchronization 2.0 Encryption

  • 7010958
  • 18-Oct-2012
  • 07-Nov-2012

Environment

NetIQ Identity Manager
Novell Identity Manager 3.6.1
Novell Identity Manager 4.0
Novell Identity Manager Driver - Active Directory
DirXML Password Synchronization
Nsure Identity Manager 2.0

Situation

Are Active Directory passwords encrypted when we send them from the Domain Controllers to the Remote Loader?

Additional Information

Passwords are encrypted on the filtered DC with RSA encryption methods from the PROV_RSA_FULL provider.

When we trap the password on the DC, we encrypt it as mentioned above and put it in the cache. A second thread then reads it out of the cache, decrypts it, re-encrypts it using the driver key, sends it over the wire, and stores it in the driver cache on the agent machine.

Formerly known as TID# 10097391