Does the Datamaker login password get transmitted to the server in clear mode (Active Directory authentication)?

Document ID : KB000047201
Last Modified Date : 14/02/2018
Show Technical Document Details

Question: 

This is a question frequently asked by a company's security team: Does the Datamaker login password get transmitted to the server in clear mode? We are using Active Directory authentication. 

Environment:  

CA Test Data Manager (TDM)- Datamaker

Answer: 

For TDM to communicate with an Active Directory (AD) server, we use .net DirectoryServices through the DirectoryEntry Class. There are different types of authentication, but we use the 'secure' type. 

TDM requests secure authentication. When this flag is set, the WinNT provider uses NT LAN Manager (NTLM) to authenticate the client. Active Directory Domain Services uses Kerberos, and possibly NTLM, to authenticate the client. This means that the password is not transmitted in the clear. 

The following link can provide some more insight on this: https://msdn.microsoft.com/en-us/library/system.directoryservices.authenticationtypes(v=vs.110).aspx 

Additional Information:

If you experience any issues, please open a support case by going to https://support.ca.com/irj/portal/newhome or calling CA Customer Care at one of these numbers http://www.ca.com/us/company/contact-us.html