Configuring management authentication
To configure management authentication with the local management interface, use the Management Authentication management page.
Procedure
- From the top menu, select Manage System Settings > System Settings > Management Authentication. All current management authentication settings are displayed.
- In the Main tab:
- Select Local User Database if you want to use the local user database for authentication.
- Select Remote LDAP User Registry if you
want to use the remote LDAP user registry for authentication.Note: If a remote user registry is configured for management authentication, the local administrator user (admin) can continue to be referenced with the "admin@local" user name. You can use this as a fail safe in the event that the remote user registry is not reachable.
- In the LDAP tab:
- Specify the name of the LDAP server in the Host name field.
- Specify the port over which to communicate with the LDAP server in the Port field.
- Select the Anonymous Bind check box if the LDAP user registry supports anonymous bind.
- Specify the DN of the user that is used to bind to the registry in the Bind DN field.
- Specifies the password that is associated with the bind DN in the Bind Password field.
- In the LDAP General tab:
- Specify the name of the LDAP attribute that holds the supplied authentication user name of the user in the User Attribute field.
- Specify the name of the LDAP attribute that is used to hold the members of a group in the Group Member Attribute field.
- Specify the base DN that is used to house all administrative users in the Base DN field.
- Specify the DN of the group to which all administrative users
belong in the Administrative Group DN field.Note: All administrative users must have permission to view the specified admin_group_dn group within the user registry.
- In the LDAP SSL tab:
- Select the Enable SSL check box to define whether SSL is used when the system communicates with the LDAP server.
- Select the name of the key database file in the Key File Name field.
- Select the name of the certificate to be used if client authentication is requested by the LDAP server in the Certificate Label field.
- In the LDAP tab:
- Click Save to save your
settings. Note: For the changes to take effect, they must be deployed.
- Optional: Click Test to
test the authentication. Note: If there have been changes made to the management authentication configuration that have not yet been deployed, this test will run using the undeployed configuration.
- In the Test Authentication window, enter the user name in the Username field.
- Enter the password in the Password field.
- Click Test.
Parent topic: System settings