|
|
|
The Notification Manager website supports three modes of login authentication, which are represented as options on the NM Security Options dialog. The three modes are:
The modes and the options you choose for them on the NM Security Options dialog are:
To forgo any authentication for website users, choose the None option on the NM Security Options dialog. When you choose None, passwords are not checked. This option is the default and is the same as what was done in previous releases. However, before using this option long term, you should thoroughly evaluate your security situation.
To specify that user names and passwords be checked against the Windows domain server, choose Windows Default Domain Server in the NM Security Options dialog. If you do not specify a name for the default domain server, the CA Automation Point server is used.
If you use Windows authentication, the CA Automation Point Server box must be running either in the domain where the authentication occurs, or in a domain that shares a trust relationship with the domain where the authentication occurs.
Note: The user can optionally specify an alternate Windows domain server when logging on to the website. This is done by using the backward slash character as a delimiter. For example, a user could specify the login user name as follows:
windomain_2\user_name
The login user name submitted for Windows authentication must match what is specified in the Notification Manager database. In the preceding example of specifying alternate domain, the login name specified in the Notification Manager database should also be windomain_2\user_name.
For the user name and password to be checked against an LDAP-compliant directory server, choose LDAP Default Login Server and specify the following options on the NM Security Options dialog:
The host name or host TCP/IP address of the default LDAP server (Required)
The host TCP/IP port number of the default LDAP server (Required)
The user DN prefix used to make up the final user DNs to authenticate the login with the server
The user DN suffix used to make up the final user DNs to authenticate the login with the server
Note: A DN (or Distinguished Name) is a unique identifier used by the LDAP server to authenticate logins. The final user DNs are in the concatenated form of the user DN prefix, the login user name supplied by the user, and the user DN suffix.
The user can optionally supply an alternate LDAP server and port number when logging on to the website. This is done by using the backward slash character as a delimiter. For example, the user could specify the user name as follows:
ldapserver_2:port_2\user_name
The login user name submitted for LDAP authentication must match what is specified in the Notification Manager database. In the preceding example of an alternate LDAP server and port number, the login name specified in the Notification Manager database should also be ldapserver_2:port_2\user_name.
Notification Manager provides two built-in login names that you can use initially to start up your site, as well as for subsequent transitions. These login names and their initial passwords are:
Identifies the built-in administrative login name, with a password "nmadmin"
Identifies the built-in guest login name, with a password "nmguest"
You can use these login names as a basis for authorization as well as authentication. For detailed information on these login names, see Secure the Notification Website
Important! We strongly recommended that you change these initial passwords before publishing the website.
| Copyright © 2012 CA. All rights reserved. |
|