DMA OperationsGuide Security Settings
50 Polycom, Inc.
Allow unencrypted
connections to the
Active Directory
Normally, the Polycom DMA system connects to Active
Directory using SSL or TLS encryption. But if the Active
Directory server or servers (including domain controllers
if you import global groups) aren’t configured to support
encryption, the Polycom DMA system can only connect
using an unencrypted protocol. This option allows such
connections if an encrypted connection can’t be
established.
This configuration causes an extreme security flaw: the
unencrypted passwords of enterprise users are
transmitted over the network, where they can easily be
intercepted.
Use this option only for diagnostic purposes. By toggling
it, you can determine whether encryption is the cause of
a failure to connect to Active Directory or to load group
data. If so, the solution is to correctly configure the
relevant servers, not to allow ongoing use of
unencrypted connections.
Allow unencrypted
connections to MCUs Normally, the Polycom DMA system uses only HTTPS
for the conference control connection to RMX MCUs,
and therefore can’t control an RMX MCU that accepts
only HTTP (the default). This option enables the system
to fall back to HTTP for RMX MCUs not configured for
HTTPS.
We recommend configuring your MCUs to accept
encrypted connections rather than enabling this option.
When unencrypted connections are used, the RMX
login name and password are sent unencrypted over
the network.
Allow unencrypted
calendar notifications
from Exchange server
Normally, if calendaring is enabled, the Polycom DMA
system gives the Microsoft Exchange server an HTTPS
URL to which the Exchange server can deliver calendar
notifications. In that case, the Polycom DMA system
must have a certificate that the Exchange server
accepts in order for the HTTPS connection to work.
If this option is selected, the Polycom DMA system does
not require HTTPS for calendar notifications.
We recommend installing a certificate trusted by the
Exchange server and using an HTTPS URL for
notifications rather than enabling this option.
Table 3-5 Fields on the Security Settings page (continued)
Field Description