Authentication Settings

The Authentication Settings page enables you to configure SevOne NMS users to access the application via LDAP protocol authentication. The System Authentication tab enables you to upload security certificates.

To access the Authentication Settings page from the navigation bar, click the Administration menu, select Access Configuration, and then select Authentication Settings.

authSettings

System Authentication

The System Authentication tab enables you to upload security certificates. SevOne NMS uses authentication certificates for LDAP. You also need to upload a certificate if you want to use the HTTP plugin and/or the Web Status plugin with a log on via https. You must upload the CA Root Certificates to enable SevOne NMS to communicate with an LDAP server that has certificates that are signed by an unknown CA. The certificates must be base64-encoded PEM files. It can take up to fifteen minutes for a certificate to synchronize across your SevOne cluster.

authSettingsSystemAuthentication
  1. Click Add Certificate to display the Upload SSL/TLS Root Certificate pop-up.
    authSettingsAddCertificate
  2. Click folderIcon to locate and select the certificate.
  3. \Click Upload to upload the certificate.

Certificate Information

Note: The System Authentication tab provides the following information for certificates that have been uploaded.
  • Common Name - The hostname that the certificate is associated with.
  • >Organization - The organization that the certificate is associated with.
  • ValidityFrom - The date and time from which the certificate is valid.
  • ValidityTo - The date and time at which the certificate stops being valid.
  • Version - The certificate version number.
  • SerialNumber - The certificate's serial number.

Troubleshooting

Check the basics

It is a good idea to start with the basics. If you have added a server and the connection test has failed, double-check that all the basic settings are correct. Select the server in question and click wrenchIcon to display the Edit LDAP Server pop-up. Check line-by-line to confirm that the information in the fields is accurate. If you used a bind password, try reentering it to see if that fixes the problem.

You uploaded a certificate, and the server connection test fails when using StartTLS or SSL

There are a few possibilities here:

  1. The newly uploaded certificate may not have taken effect yet. Just give it a few minutes and try again. If that does not work, proceed to the next step.
  2. Something went wrong during the upload. Try uploading your certificate again and wait about five minutes for it to take effect. If that does not work, proceed to step 3.
  3. There is a problem with your certificate. If there is a problem with the certificate itself, you may need to get another copy of the certificate file. Upload the new certificate file and wait about five minutes for it to take effect. If you are still having problems after that, the original certificate file may be corrupted. If it is, you will need to get a good certificate file and upload that. Once again, give it about five minutes to take effect.

Relevant Terms

Authentication
The process of verifying that someone is who they claim to be.
Authorization
The process of allowing someone access or information
Certificate
A file used to verify that its owner (for example, a server) is who it says it is.
Certificate Authority (CA)
A trusted third party that issues digital certificates, which certify that the certificate owners are who they say they are.
Encryption
The process of converting data into a format that can only be read by authorized users.