Authentication, About authentication, Configuring authentication – TANDBERG D14049.01 User Manual
Page 41: About authentication configuring authentication, Authentication process, Text goes here, Registration control
D 14049.01
07.2007
4
TANDBERG
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Text goes here
TANDBERG
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
About Authentication
The VCS can be configured to use a username
and password-based challenge-response
scheme to permit endpoint registrations. This
process is known as authentication.
In order to authenticate with the VCS, the
endpoint must supply it with a username.
For TANDBERG endpoints using H.323, the
username is the endpoint’s
Authentication ID
;
for TANDBERG endpoints using SIP it is the
endpoint’s
Authentication Username
.
For details of how to configure
endpoints with a username and
password, please consult the
endpoint manual.
In order to verify the identity of the device,
the VCS needs access to a database on
which all authentication credential information
(usernames, passwords, and other relevant
information) is stored. This database may
be located either locally on the VCS, or on
an LDAP Directory Server. The VCS looks up
the endpoint’s username in the database
and retrieves the authentication credentials
for that entry. If the credentials match those
supplied by the endpoint, the registration is
allowed to proceed.
The VCS supports the ITU H.235 specification
[
] for authenticating the identity of H.323
network devices with which it communicates.
Authentication
Mode
On
: all endpoints must authenticate with the
VCS before registering.
Off
: no authentication is required for
endpoints.
The default is
Off
.
Authentication database
Determines which database the VCS will use
during authentication.
LocalDatabase
: the local database is used.
You must
to use
this option.
LDAP
: A remote LDAP database is used. You
must
to use this
option.
The default is
LocalDatabase
.
Configuring Authentication
To configure Authentication options:
VCS Configuration > Authentication > Configuration
You will be taken to the
Authentication Configuration
page (shown below).
•
•
Authentication username
The
Authentication Username
is the name that the VCS uses when authenticating with other systems. For example, when forwarding an invite from an
endpoint to another VCS, that other system may have authentication enabled and will therefore require your local VCS to provide it with a username
and password. Traversal clients must always successfully authenticate with traversal servers before they can be used.
The authentication username and password for your local VCS must be stored on either the local database or LDAP database (depending on which has
been enabled), along with all the other authentication usernames and passwords. When your local VCS receives an authentication request, it looks up
its own username in the database and sends the corresponding authentication credentials, along with the username, to the system that requested it.
If the username and authentication credentials match those stored on the requesting system’s database, the communication can continue.
Registration Control
Authentication password
Specifies the password to be used by the
VCS (in conjunction with the Authentication
username) when the VCS is authenticating
with another system.