beautypg.com

User authentication with directory services – Guntermann & Drunck DVICenter DP16 Config Panel User Manual

Page 42

background image

Network functions of the devices

40 · G&D DVICenter

User authentication with directory services

In in-house networks, the user accounts of different users are often administrated by

a directory service. The device can access such a directory service and authenticate

users against the directory service.

The directory service is exclusively used to authenticate a user. The user rights are

assigned within a database of the KVM system. The following paragraphs describe the

different scenarios:

The user account exists within the directory service and the KVM system

The user can log in with the password stored in the directory service. After the

login, the user is assigned with the rights of the correspondent account in the

KVM system.

The user account exists within the directory service, but not within the KVM system

A user that has been successfully authenticated against the directory service, but

does not have an account of the same name within the database of the KVM sys-

tem, is assigned with the rights of the RemoteAuth user.
If required, change the rights of this particular user account to set the rights for

users without a user account.

The user account exists within the KVM system, but not within the directory service

If the directory service is available, it reports that the user account does not exist.

The access to the KVM system is denied to the user.
If the server is not available, but the fallback system is active (see below), the user

can log in with the password that is stored within the KVM system.

NOTE:

If the Admin user account cannot be authenticated by the directory service,

the user account is authenticated by the device’s data base.

NOTE:

The password which the user used to log in, is taken over into the data-

base of the KVM system.

ADVICE:

Deactivate the RemoteAuth user to prevent users without user accounts

to log in to the KVM system.

IMPORTANT:

Mind the following safety instructions to prevent a locked or deac-

tivated user from logging in to the system in case the connection to the directory

service fails:

If a user account is deactivated or deleted in the directory service, this action

can also be carried out within the user database of the KVM system.

Only activate the fallback system in reasonable exceptional cases.

This manual is related to the following products:
See also other documents in the category Guntermann & Drunck Equipment: