42
D13898.06
MAY 2008
TANDBERG
CONTENT SERVER
ADMINISTRATOR GUIDE
Authentication Modes
Site Settings
Local Authentication
In local authentication mode, only users with valid local accounts who have been added through the
User Management
page will be able to log in. Local
authentication can be used if there are not a lot of users using the Content Server, since every account has to be manually set up through the Windows Server
administration menu.
Both LDAP and Domain authentication methods require the details of a Microsoft Active Directory Server to be entered in the Authentication section. At
this time, only Microsoft Active Directory Server is supported by the TANDBERG Content Server.
Clicking on the
Save
button (see
) will perform a check of the LDAP server settings as the Content Server attempts to bind to the LDAP
server. Changes to Site Settings will not be saved if the LDAP settings entered are incorrect.
Domain Authentication
Domain authentication can only be used if the Content Server has been added to a domain. If you add the Content Server to an existing domain, you need to
define a separate security policy for the Content Server, otherwise the existing security policies may prevent the server from functioning correctly. Please contact
your authorized TANDBERG reseller or partner for details of the recommended security policy settings.
Under Domain authentication, users with domain accounts and local users are able to log in. The local administrator account can be used to administer the
server, or some domain users can be given administrative privileges.
LDAP Authentication
LDAP authentication does not require the Content Server to be added to a domain.
Before changing authentication from local to LDAP, the local administrator must add at least one LDAP user with administrative privileges to the Content Server.
To do this, go to User Management > Add Users and enter at least one valid username in the Add Administrators section.
Under LDAP authentication local users cannot log in using the standard login method. However, the local administrator can log in by adding the following string:
#page:login&rescue:true to the end of the Content Server URL of the browser:
Example: The URL will look something like:
http://<ContentServerIPaddress>/tcs/#page:login&rescue:true
Hit the Enter key on your keyboard and log in with the local administrator account in the resulting pop-up window.
While it is possible for the local administrator to login using this method, it is more convenient to give an LDAP user account administrative privileges.
About Authentication
This section allows you to configure
authentication modes for the Content Server.
Authentication determines how users log in to the
Content Server and the username and password
that they must use. For more information, see
also the
section.
There are three modes of authentication
supported by the Content Server:
Local
•
LDAP
•
Domain
•
These are each explained in the section that
follows.
Administrators and Owners always need to
authenticate. Users wanting to view conferences
can log in, or they can be given guest access to
view some or all conferences without logging in.
For more information on configuring guest access,
see the
section.