Yokogawa Removable Chassis DX1000N User Manual
Explanation of the Advanced Security Function
IM 04L41B01-05EN
1.4 Password Management Function
With this function, you can manage access to the DX by using the Kerberos v5
authentication protocol.
For the setting procedure and operating instructions, see chapter 3.
System Configuration
The following figure shows the configuration of the authentication system.
[Figure: configuration of the authentication system. Labels: KDC server (Windows Server 2008/Windows Server 2003) with user accounts (User A to User F) and a host account; DX units (authentication, log in, sign record, register user privileges); a client PC (changing the password).]
The authentication system consists of the devices listed below, connected over Ethernet.
• KDC server
Windows Server 2008 or Windows Server 2003. Manages the account of a DX on the
network (host account) and the user accounts for operating the DX.
• DX
Of the user accounts on the KDC server, you can specify which accounts to use (login
settings) on which DXs. You can also set different user privileges for each user on
each DX.
• Client PC for maintenance
This device is used to change user account passwords and for other maintenance. It
is not explained in this manual.
Operation
When you log in to the DX or use the signature function, you will be prompted for a
user name and password (the password management function does not use user IDs).
The DX will then perform the communication with the KDC server that is necessary
for authentication. When authentication finishes, you can operate the DX. The server
manages the passwords and their periods of validity. Web-server users are not managed
by this function.
If the connection to the KDC server is broken, or if no users can be authenticated for
some other reason, you can operate the DX using a special user account (root).
See “Note” in section 3.2.
Note
• For configuration instructions for Windows Server 2008/2003, see the Communication
Manual.
• Cross-realm authentication (authentication of different domain names) is not supported.
• You cannot change user account passwords from the DX.