Users can be authenticated against
an ObjectServer, an external repository, such as an LDAP directory
or the default file-based repository. An ObjectServer or the file-based
repository can be selected during the installation. If the option
that you selected during installation is the authentication source
that you want to use, no extra configuration is needed. If you want
to use LDAP, or change you the selection you made, the steps are described
here.
Before you begin
Familiarize yourself with the concept of the Virtual Member
Manager (VMM) federated repository or realm. See Web GUI user authentication.
About this task
The following table describes the steps that you need
to perform to configure an LDAP directory for user authentication,
and also the steps if you want to change the authentication source.:
Table 1. Configuration options for Web GUI user
authentication
Authentication source that is currently
used |
Authentication source that you want to use |
Steps |
File-based repository |
ObjectServer |
- Delete the default users from the file-based repository.
- Add the ObjectServer to the realm by configuring the VMM plug-in.
- Optional: Enable ObjectServer users to authenticate against an
LDAP directory.
|
File-based repository |
LDAP |
- Delete the default users from the file-based repository.
- Add the LDAP directory to the realm. Extra configuration is required
for OpenLDAP.
- Confiigure the VMM plug-in to write to the LDAP directory.
- Assign Web GUI roles
to the LDAP users and groups.
- Optional: Synchronize the LDAP users with the ObjectServer.
|
ObjectServer |
LDAP |
- Remove the ObjectServer from the realm.
- Add the LDAP directory to the realm. Extra configuration is required
for OpenLDAP.
- Confiigure the VMM plug-in to write to the LDAP directory.
- Assign Web GUI roles
to the LDAP users and groups.
- Optional: Synchronize the LDAP users with the ObjectServer.
|
LDAP |
ObjectServer |
- Remove the LDAP directory from the realm.
- Add the ObjectServer to the realm by configuring the VMM plug-in.
- Optional: Enable ObjectServer users to authenticate against an
LDAP directory.
|