Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

ViPR Controller -Configuring AD Authentication

$
0
0

The default built-in administrative accounts may not be granular enough to meet your business needs, if this is the case then adding an authentication provider such as Active Directory which we highlight as part of this configuration allows you to assign users or groups to specific roles.

The example configuration provided here was part of an Enterprise Hybrid Cloud solution.

In order to apply this security configuration you will need to login as root. Select Security > Authentication Providers .
ViPR Controller -Configuring AD Authentication
Enter the appropriate values for the attributes, paying special attention to the requirements for the Manager DN user:

Name: Enter a suitable name for the authentication provider. (You can have multiple providers for different domains.)

Type: Select Active Directory or LDAP

Description: description of the authentication provider.

Domain: Enter the domain being used e.g. domain.local

Server URLs: Enter the ldap or ldaps (secure LDAP) IP address of the domain controller. The default port for ldap is 389 and is 636 for ldaps. Enter the port number if not using the default port e.g. ldap://<domain controller IP>:<port>

Manager DN:Enter the user account that ViPR uses to connect to Active Directory or LDAP server e.g. CN=adbind_vipr,OU=EHC,DC=domain,DC=local

Password: Enter the password for the adbind user
ViPR Controller -Configuring AD Authentication

4.The Group Attribute can remain at default CN.Indicates the Active Directory attribute that is used to identify a group. Used for searching the directory by groups.

5.The Group Whitelist should contain the Active Directory User Groups that will contain members requiring ViPR privileges.
ViPR Controller -Configuring AD Authentication
6. In the Search section, ensure the search filter is userPrincipalName=%u , set the Scope to Subtree and enter the Search Base (e.g. OU=EHC,DC=domain,DC=local), then click Save.
ViPR Controller -Configuring AD Authentication

7.To verify the configuration, add a user from the authentication provider at Security > VDC Role Assignments , then try to log in as the new user. (ViPR usernames should be in the format user@domain)


ViPR Controller -Configuring AD Authentication
ViPR Controller -Configuring AD Authentication

Viewing all articles
Browse latest Browse all 12749

Trending Articles