Allowing Console administrators to log on using enterprise directory credentials
Complete the following steps to let administrators log on to the Configuration Console using their existing enterprise credentials.
You can log on to the VIP Enterprise Gateway Configuration Console as a local administrator with the user name and password that you set when you installed the VIP Enterprise Gateway software. However, you can also let administrators log on to the Configuration Console using their existing enterprise credentials, such as their LDAP authentication credentials. After the Console administrators log on to the Configuration Console, all actions that they perform are logged under their name. Such specific logs help to make the management of VIP Enterprise Gateway easier.
- To allow Console administrators to log on with enterprise credentials:
- From theUser Storetab, click theConsole Authenticationlink.
- If you are configuring Console administrator access for the first time, you are prompted to continue configuration. ClickYes.
- Complete the following fields as required and clickSave.FieldDescriptionUser StoreNameSelect the user store that contains the user information of the Console administrators that you want to authenticate. Console administrator access to the Configuration Console is authenticated against this user store.TypeDisplays the type of user store (LDAP).Search CriteriaBase DNThe Base DN string indicates where to start searching for user information within the LDAP server. For example:DC=acme,DC=comThis field can be blank for AD Global Catalog.User FilterSpecify your user store filters for constraining access to those Console administrators that you want to authenticate.
- To search for a user, use the format(&(uid=%s)(objectclass=organizationalPerson))
- To search for a user in AD, use the format(&(&(objectClass=user)(objectCategory=person))(sAMAccountName=%s))
- To search for a user in AD with Groupmembership enabled, use the format:(&(&(objectClass=user)(objectCategory=person))(sAMAccountName=%s)(memberOf=cn=Security_group,cn=Users,DC=sales,DC=acme,DC=com))
Replace%swith the logging user name.Group FilterSpecify your user store filters for constraining group membership and role of Console administrators that can use their enterprise directory credentials to log on to Configuration Console (if not the default).Test SettingsTest User NameAn existing user ID (required to verify that the configuration is working).