Configuring user authentication

Users can be authenticated against an ObjectServer, an external repository, such as an LDAP directory or the default file-based repository. An ObjectServer or the file-based repository can be selected during the installation. If the option that you selected during installation is the authentication source that you want to use, no extra configuration is needed. If you want to use LDAP, or change you the selection you made, the steps are described here.

Before you begin

Familiarize yourself with the concept of the Virtual Member Manager (VMM) federated repository or realm. See Web GUI user authentication.

About this task

The following table describes the steps that you need to perform to configure an LDAP directory for user authentication, and also the steps if you want to change the authentication source.:

Table 1. Configuration options for Web GUI user authentication
Authentication source that is currently used Authentication source that you want to use Steps
File-based repository ObjectServer
  1. Delete the default users from the file-based repository.
  2. Add the ObjectServer to the realm by configuring the VMM plug-in.
  3. Optional: Enable ObjectServer users to authenticate against an LDAP directory.
File-based repository LDAP
  1. Delete the default users from the file-based repository.
  2. Add the LDAP directory to the realm. Extra configuration is required for OpenLDAP.
  3. Confiigure the VMM plug-in to write to the LDAP directory.
  4. Assign Web GUI roles to the LDAP users and groups.
  5. Optional: Synchronize the LDAP users with the ObjectServer.
ObjectServer LDAP
  1. Remove the ObjectServer from the realm.
  2. Add the LDAP directory to the realm. Extra configuration is required for OpenLDAP.
  3. Confiigure the VMM plug-in to write to the LDAP directory.
  4. Assign Web GUI roles to the LDAP users and groups.
  5. Optional: Synchronize the LDAP users with the ObjectServer.
LDAP ObjectServer
  1. Remove the LDAP directory from the realm.
  2. Add the ObjectServer to the realm by configuring the VMM plug-in.
  3. Optional: Enable ObjectServer users to authenticate against an LDAP directory.