Configuring management authentication

To configure management authentication with the local management interface, use the Management Authentication management page.

Procedure

  1. From the top menu, select Manage System Settings > System Settings > Management Authentication. All current management authentication settings are displayed.
  2. In the Main tab:
    • Select Local User Database if you want to use the local user database for authentication.
    • Select Remote LDAP User Registry if you want to use the remote LDAP user registry for authentication.
      Note: If a remote user registry is configured for management authentication, the local administrator user (admin) can still be referenced with the "admin@local" user name. You can use this as a fail-safe if the remote user registry is not reachable.
      1. In the LDAP tab:
        1. Specify the name of the LDAP server in the Host name field.
        2. Specify the port over which to communicate with the LDAP server in the Port field.
        3. Select the Anonymous Bind check box if the LDAP user registry supports anonymous bind.
        4. Specify the DN of the user that is used to bind to the registry in the Bind DN field.
        5. Specify the password that is associated with the bind DN in the Bind Password field.
      2. In the LDAP General tab:
        1. Specify the name of the LDAP attribute that holds the supplied authentication user name of the user in the User Attribute field.
        2. Specify the name of the LDAP attribute that is used to hold the members of a group in the Group Member Attribute field.
        3. Specify the base DN that is used to house all administrative users in the Base DN field.
        4. Specify the DN of the group to which all administrative users belong in the Administrative Group DN field.
          Note: All administrative users must have permission to view the specified admin_group_dn group within the user registry.
      3. In the LDAP SSL tab:
        1. Select the Enable SSL check box to define whether SSL is used when the system communicates with the LDAP server.
        2. Select the name of the key database file in the Key File Name field.
        3. Select the name of the certificate to be used if client authentication is requested by the LDAP server in the Certificate Label field.
  3. Click Save to save your settings.
    Note: For the changes to take effect, they must be deployed.
  4. Optional: Click Test to test the authentication.
    Note: If there have been changes made to the management authentication configuration that have not yet been deployed, this test will run using the undeployed configuration.
    1. In the Test Authentication window, enter the user name in the Username field.
    2. Enter the password in the Password field.
    3. Click Test.
    If the authentication is successful, a success message is displayed. If the authentication is not successful, an error message is displayed.
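
The following added example is not product code. It is a small model of how the four LDAP General fields relate to one another and of the "admin@local" fail-safe, so that you can sanity-check intended values before saving them. The directory entries, DNs, the uid and member attribute names, and the resolve function are constructed assumptions, and the lookup order is an assumption about typical LDAP behaviour, not the documented internals of the system. It models only the user lookup and group check; password verification is outside it.

```python
# Illustrative model only: the entries, DNs and attribute names are constructed
# sample values, and the lookup order is an assumption, not the product's code.

DIRECTORY = {  # constructed sample entries: DN -> attributes
    "uid=alice,ou=admins,dc=example,dc=com": {"uid": ["alice"]},
    "uid=bob,ou=admins,dc=example,dc=com": {"uid": ["bob"]},
    "uid=carol,ou=staff,dc=example,dc=com": {"uid": ["carol"]},
    "cn=appliance-admins,ou=groups,dc=example,dc=com": {
        "member": ["uid=alice,ou=admins,dc=example,dc=com",
                   "uid=carol,ou=staff,dc=example,dc=com"]},
}

SETTINGS = {  # values as they would be entered in the LDAP General tab
    "user_attribute": "uid",
    "group_member_attribute": "member",
    "base_dn": "ou=admins,dc=example,dc=com",
    "admin_group_dn": "cn=appliance-admins,ou=groups,dc=example,dc=com",
}

def norm(dn):
    """Normalise a DN for comparison (case and spacing around commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def resolve(username, settings=SETTINGS, directory=DIRECTORY):
    """Return (registry, dn_or_reason) for a management login name."""
    if username == "admin@local":
        return ("local", "admin")  # local administrator, usable if LDAP is down
    base = norm(settings["base_dn"])
    # Base DN + User Attribute: the entry must sit under the base DN and
    # carry the supplied user name in the configured attribute.
    matches = [dn for dn, attrs in directory.items()
               if (norm(dn) == base or norm(dn).endswith("," + base))
               and username in attrs.get(settings["user_attribute"], [])]
    if len(matches) != 1:
        return ("denied", "no unique entry under Base DN")
    # Administrative Group DN + Group Member Attribute: the user's DN must
    # be listed as a member of the administrative group.
    group = directory.get(settings["admin_group_dn"], {})
    members = {norm(m) for m in group.get(settings["group_member_attribute"], [])}
    if norm(matches[0]) not in members:
        return ("denied", "not a member of Administrative Group DN")
    return ("ldap", matches[0])
```

In this model, carol is denied even though she is listed in the administrative group, because her entry lies outside the configured Base DN; bob is denied because he is under the Base DN but not in the group.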