The administrator can authenticate to connect to Dr.Web Server using one the following methods:
•Internal authentication: using administrator account information stored in the Dr.Web Server database.
•External authentication:
▫Using the common LDAP/AD settings, which allow connecting to LDAP and Active Directory servers.
▫Using the RADIUS protocol.
▫Using PAM (for Dr.Web Servers running Unix-like OSs).
▫Using Active Directory (for Dr.Web Servers running Windows OS).
When upgrading Dr.Web Server from a previous version, authentication via the LDAP protocol may also be available if it was enabled in the previous version.
|
After disabling LDAP authentication the corresponding section will be excluded from the Control Center settings. This section is not available during the initial installation of Dr.Web Server. |
The predefined administrator account admin can be used for the initial login to the Control Center.
When using internal authentication, you need to manually create any additional administrator accounts (see Creating and Deleting Administrative Accounts and Groups).
When using any external authentication method, a new administrator account is created automatically when the administrator successfully logs in to the Control Center for the first time. The account is automatically placed in the Newbies administrator group (see Hierarchy of Administrators) and requires manual reassignment to the required group. This can be done either manually by editing the administrator account (see Editing Administrative Accounts and Groups) or automatically using a user hook (see section User Hooks, as well as the Appendices, section M1. Administrators).
|
Administrator login must be unique. Administrators will not be able to connect via external authentication systems if an administrator with the same login already exists on Dr.Web Server. |
Authentication methods are used sequentially according to the following principles:
1.First, an attempt is made to authenticate the administrator using the Dr.Web Server DB data.
2.The order in which the authentication methods via external systems are used depends on the order in which they are used in the settings specified in the Control Center.
3.Authentication methods via external systems are disabled by default.
To change the order of authentication methods
1.Select Administration in the main menu of the Control Center.
2.Select Authentication in the control menu.
3.The list of authentication methods is displayed in the order of their use. To change this order, drag the authentication methods in the list and place them in the required order.
4.Restart Dr.Web Server to apply changes.
|
Each time you save changes to the Authentication section, a backup copy of the previous version of the configuration file with authentication parameters for administrators is automatically saved. Only the last 10 copies are stored. The backups are located in the same folder as the configuration file itself and named according to the following format: <file_name>_<creation_time> where <file_name> depends on the authentication system: auth-ads.conf, auth-ldap.conf, auth-radius.conf, auth-pam.conf. You can use the created backups, in particular, to restore the configuration file in case the Control Center interface is not available. |