Managing User Accounts



Similar documents
Managing User Accounts

Managing User Accounts

Managing the System Event Log

Configuring User Identification via Active Directory

IIS, FTP Server and Windows

Setting the Management IP Address

Managing the System Event Log

Managing the System Event Log

Microsoft IAS Configuration for RADIUS Authorization

Integrating LANGuardian with Active Directory

Managing Identities and Admin Access

Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

To enable an application to use external usernames and passwords, you need to first configure CA EEM to use external directories.

System Administration and Log Management

LDAP Server Configuration Example

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Application Note. ShoreTel 9: Active Directory Integration. Integration checklist. AN June 2009

Integrating idrac 7 with Microsoft Active Directory

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

Integrating idrac7 With Microsoft Active Directory

Integrating CoroSoft Datacenter Automation Suite with F5 Networks BIG-IP

Moving the TRITON Reporting Databases

Borderware Firewall Server Version 7.1. VPN Authentication Configuration Guide. Copyright 2005 CRYPTOCard Corporation All Rights Reserved

How To Backup In Cisco Uk Central And Cisco Cusd (Cisco) Cusm (Custodian) (Cusd) (Uk) (Usd).Com) (Ucs) (Cyse

Active Directory integration with CloudByte ElastiStor

End User Configuration

Creating Home Directories for Windows and Macintosh Computers

Configuring the Palo Alto Firewall for use with Juniper Steel-Belted RADIUS.

NetIQ Advanced Authentication Framework - MacOS Client

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Using the Content Distribution Manager GUI

Protected Trust Directory Sync Guide

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

How To - Implement Single Sign On Authentication with Active Directory

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

HP Device Manager 4.7

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

PineApp Surf-SeCure Quick

NAS 206 Using NAS with Windows Active Directory

Sample Configuration: Cisco UCS, LDAP and Active Directory

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

SharePoint AD Information Sync Installation Instruction

QUANTIFY INSTALLATION GUIDE

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation

Two-Factor Authentication

How to Configure Microsoft System Operation Manager to Monitor Active Directory, Group Policy and Exchange Changes Using NetWrix Active Directory

Configure Cisco Unified Customer Voice Portal

In the Active Directory Domain Services Window, click Active Directory Domain Services.

Configuring Microsoft Active Directory for Integration with NextPage NXT 3 Access Control

Video Administration Backup and Restore Procedures

Deploying Remote Desktop Connection Broker with High Availability Step-by-Step Guide

LDAP Server Configuration Example

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

Before you may use any database in Limnor, you need to create a database connection for it. Select Project menu, select Databases:

Managing Rack-Mount Servers

Unified Monitoring Portal Online Help Account Admin

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

Enterprise Apple Xserve Wiki and Blog using Active Directory. Table Of Contents. Prerequisites 1. Introduction 1

Your Question. Net Report Answer

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

Basic Exchange Setup Guide

Installing the Operating System or Hypervisor

Active Directory Integration

How to Logon with Domain Credentials to a Server in a Workgroup

Security Assertion Markup Language (SAML) Site Manager Setup

How To Install Ctera Agent On A Pc Or Macbook With Acedo (Windows) On A Macbook Or Macintosh (Windows Xp) On An Ubuntu (Windows 7) On Pc Or Ipad

Configure your firewall for administrative access via RADIUS authentication

Field Description Example. IP address of your DNS server. It is used to resolve fully qualified domain names

Configure Single Sign on Between Domino and WPS

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

Delegated Administration Quick Start

PriveonLabs Research. Cisco Security Agent Protection Series:

How To Set Up Chime For A Coworker On Windows (Windows) With A Windows 7 (Windows 7) On A Windows 8.1 (Windows 8) With An Ipad (Windows).Net (Windows Xp

Gigabyte Content Management System Console User s Guide. Version: 0.1

CLEO NED Active Directory Integration. Version 1.2.0

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

Deploying RSA ClearTrust with the FirePass controller

Basic Exchange Setup Guide

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

How to install Small Business Server 2003 in an existing Active

Managing users. Account sources. Chapter 1

Charter Business Phone. Online Control Panel Getting Started Guide. Document Version 1.0

Create, Link, or Edit a GPO with Active Directory Users and Computers

econtrol 3.5 for Active Directory & Exchange Administrator Guide

Using LDAP Authentication in a PowerCenter Domain

Kerberos authentication between multiple domains may fail on LiveCycle Rights Management ES 8.2.1

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with the Zimbra Open Source and Collaboration Suite

Using MailStore to Archive MDaemon

NSi Mobile Installation Guide. Version 6.2

Integrating with IBM Tivoli TSOM

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Oracle E-Business Suite 12

RoomWizard Synchronization Software Manual Installation Instructions

LDAP User Guide PowerSchool Premier 5.1 Student Information System

Transcription:

Managing User Accounts This chapter includes the following sections: Configuring Local Users, page 1 Active Directory, page 2 Viewing User Sessions, page 6 Configuring Local Users Before You Begin You must log in as a user with admin privileges to configure or modify local user accounts. Step 5 In the Navigation pane, click the Admin tab. On the Admin tab, click User Management. In the User Management pane, click the Local User tab. To configure or modify a local user account, click a row. In the User Details dialog box, update the following properties: ID column Enabled check box Username column The unique identifier for the user. If checked, the user is enabled on the CIMC. The username for the user. OL-23489-08 1

Active Directory Managing User Accounts Role column The role assigned to the user. This can be one of the following: read-only A user with this role can view information but cannot make any changes. user A user with this role can perform the following tasks: View all information Manage the power control options such as power on, power cycle, and power off Launch the KVM console and virtual media Clear all logs Toggle the locator LED admin A user with this role can perform all actions available through the GUI, CLI, and IPMI. Step 6 Step 7 Enter password information. Click Save Changes. Active Directory Active Directory is a technology that provides a variety of network services including LDAP-like directory services, Kerberos-based authentication, and DNS-based naming. The CIMC utilizes the Kerberos-based authentication service of Active Directory. When Active Directory is enabled in the CIMC, user authentication and role authorization is performed by Active Directory for user accounts not found in the local user database. By checking the Enable Encryption check box in the Active Directory Properties area, you can require the server to encrypt data sent to Active Directory. Configuring the Active Directory Server The CIMC can be configured to use Active Directory for user authentication and authorization. To use Active Directory, configure users with an attribute that holds the user role and locale information for the CIMC. You can use an existing LDAP attribute that is mapped to the CIMC user roles and locales or you can modify the Active Directory schema to add a new custom attribute, such as the CiscoAVPair attribute, which has an attribute ID of 1.3.6.1.4.1.9.287247.1. For more information about altering the Active Directory schema, see the article at http://technet.microsoft.com/en-us/library/bb727064.aspx. The following steps are to be performed on the Active Directory server. 2 OL-23489-08

Managing User Accounts Configuring the Active Directory Server This example creates a custom attribute named CiscoAVPair, but you can also use an existing LDAP attribute that is mapped to the CIMC user roles and locales. Ensure that the Active Directory schema snap-in is installed. Using the Active Directory schema snap-in, add a new attribute with the following properties: Properties Value Common LDAP Display Unique X500 Object ID Syntax CiscoAVPair CiscoAVPair 1.3.6.1.4.1.9.287247.1 CiscoAVPair Case Sensitive String Add the CiscoAVPair attribute to the user class using the Active Directory snap-in: a) Expand the Classes node in the left pane and type U to select the user class. b) Click the Attributes tab and click Add. c) Type C to select the CiscoAVPair attribute. d) Click OK. Add the following user role values to the CiscoAVPair attribute, for the users that you want to have access to CIMC: Role CiscoAVPair Attribute Value admin user read-only shell:roles="admin" shell:roles="user" shell:roles="read-only" For more information about adding values to attributes, see the article at http://technet.microsoft.com/ en-us/library/bb727064.aspx. What to Do Next Use the CIMC to configure Active Directory. OL-23489-08 3

Configuring Active Directory in CIMC Managing User Accounts Configuring Active Directory in CIMC Before You Begin You must log in as a user with admin privileges to perform this task. In the Navigation pane, click the Admin tab. On the Admin tab, click User Management. In the User Management pane, click the Active Directory tab. In the Active Directory Properties area, update the following properties: Enabled check box Domain Controller fields Timeout field Enable Encryption check box Domain field Attributes field If checked, user authentication and role authorization is performed by Active Directory for user accounts not found in the local user database. If you check this box, CIMC enables the rest of the fields in this section. You can specify up to three LDAP domain controllers that CIMC can use to access the LDAP database. CIMC tries to contact the database using the IP address in the order they are specified on this tab. The number of seconds the CIMC waits until the LDAP search operation times out. If the search operation times out, CIMC tries to connect to the next domain controller or global catalog listed on this tab, if one is available. If checked, the server encrypts all information it sends to Active Directory. The IPv4 domain that all users must be in. This field is required unless you specify at least one Global Catalog server address. An LDAP attribute that contains the role and locale information for the user. This property is always a name-value pair. The system queries the user record for the value that matches this attribute name. The LDAP attribute must have the following attribute ID: CiscoAvPair If you do not specify this property, user access is restricted to read-only. 4 OL-23489-08

Managing User Accounts Configuring Active Directory in CIMC Global Catalog fields A Global Catalog allows CIMC to search for a user in the Active Directory regardless of the domain that user resides in. You can enter the IP address or fully qualified domain name (FQDN) for the Global Catalog in each of the three Global Catalog fields. CIMC tries to access the catalog using the IP addresses or FQDNs in the order they are specified on this tab. Step 5 (Optional) In the Active Directory Groups area, update the following properties: LDAP Group Authorization check box If checked, user authentication is also done on the group level for users that are not found in the local user database or who are not individually authorized to use CIMC in the Active Directory. If you check this box, CIMC enables the Configure Group button. Group column Group Domain column Role column The name of the group in the Active Directory database that is authorized to access the server. The Active Directory domain the group must reside in. The role assigned to all users in this Active Directory group. This can be one of the following: read-only A user with this role can view information but cannot make any changes. user A user with this role can perform the following tasks: View all information Manage the power control options such as power on, power cycle, and power off Launch the KVM console and virtual media Clear all logs Toggle the locator LED admin A user with this role can perform all actions available through the GUI, CLI, and IPMI. Step 6 Click Save Changes. OL-23489-08 5

Viewing User Sessions Managing User Accounts Viewing User Sessions In the Navigation pane, click the Admin tab. On the Admin tab, click User Management. In the User Management pane, click the Sessions tab. View the following information about current user sessions: Tip Click a column header to sort the table rows, according to the entries in that column. Session ID column Username column IP Address column Type column Action column The unique identifier for the session. The username for the user. The IP address from which the user accessed the server. The method by which the user accessed the server. If your user account is assigned the admin user role, this column displays Terminate if you can force the associated user session to end. Otherwise it displays N/A. You cannot terminate your current session from this tab. 6 OL-23489-08

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information