Authentication validates the user's identity based on some credentials, for example, a username/password combination or a client certificate. You can use any of the following methods to authenticate users:
None - Management and Security Server does not present a login screen. Any user can access their assigned sessions without being prompted for credentials. Session authorization is not available.
NOTE:If you set the authorization method to None, be aware that all users are logged in as Guest. During session configuration, it is best not to allow users to modify their session settings (User Preference Rules), as they can overwrite each other’s choices.
LDAP - Management and Security Server makes a read-only connection to your existing LDAP (Lightweight Directory Access Protocol) server to verify usernames and passwords. You can also use LDAP to authorize session access. LDAP is an industry standard application protocol for accessing and maintaining distributed directory information services over a network.
X.509 with LDAP Failover - X.509 is a standard for managing digital certificates and public-key encryption. When you use certificate-based authentication, you can specify the certificate source and setting for LDAP failover if certificate-based authentication fails.
Single Sign-on through Windows authentication - This option uses the NT LAN Manager version 2 (NTLM) protocol to authenticate users. When a user logs into the Windows domain and requests a session using a web browser that supports integrated authentication though NTLM, a secure hash of the user's credentials is sent to a domain controller for verification. Once verified, the Administrative Server establishes an authenticated HTTP session with the user's browser.
Microsoft Internet Explorer, as well as other web browsers, support integrated authentication through NTLM, but other browsers may require additional configuration to enable this functionality.
The computer running the Administrative Server does not have to be a member of the Windows domain.
Single Sign-on through IIS - This option uses Microsoft IIS web server. This option requires no additional setup as long as you used the automated installer and chose to integrate with IIS during the installation process. You can find more information on install configurations in the Management and Security Server Installation Guide.
SiteMinder - To enable this option on a Windows system, install both the Administrative Server and a SiteMinder web agent on the same machine as IIS, and set up the server to use your IIS web server.
The access control setup options will vary based on your selection.
Related Topics