Menu Close
Red Hat Training
A Red Hat training course is available for RHEL 8
Chapter 102. Identity Management security settings
This section describes security-related features of Identity Management.
102.1. How Identity Management applies default security settings
By default, Identity Management (IdM) on RHEL 8 uses the system-wide crypto policy. The benefit of this policy is that you do not need to harden individual IdM components manually.
Red Hat recommends that you use the system-wide crypto policy. Changing individual security settings can break components of IdM. For example, Java in RHEL 8 does not fully support the TLS 1.3 protocol. Therefore, using this protocol can cause failures in IdM.
Additional resources
-
See the
crypto-policies(7)
man page.
102.2. Anonymous LDAP binds in Identity Management
By default, anonymous binds to the Identity Management (IdM) LDAP server are enabled. Anonymous binds can expose certain configuration settings or directory values. However, some utilities, such as realmd
, or older RHEL clients require anonymous binds enabled to discover domain settings when enrolling a client.
Additional resources
-
See the
Disabling Anonymous Binds
section in theRed Hat Directory Server 11 Administration Guide
.