Access Control

<< Click to Display Table of Contents >>

Navigation:  Web Reports > Settings >

Access Control

Access to the web reports can be restricted so that only authenticated and authorized users have access. Access control also supports multi-tenancy by giving users only access to data from certain hosts.

 

EventSentry's access control supports the following:

 

Create users and groups

Authenticate users via LDAP

Restrict users to a set of areas in the web reports

Control access to profiles

Block certain areas in web reports from users

Restrict users to view only data from specific hosts

 

info_24

The default user name for the first user is "admin" when enabling Access Control as part of the EventSentry installation.

 

Access Control can be enabled when you first setup EventSentry and the web reports, or at any time after that by navigating to Settings -> Access Control. When enabling Access Control, at least one user will have to be created ("admin" by default).

 

LDAP

By default, user accounts use built-in authentication where the user password is managed by the web reports. If you have a Windows Active Directory infrastructure then it's recommend to enable LDAP support, so that user do not have to manage multiple passwords. When enabling LDAP support, authentication can be deferred to a LDAP server when creating an account of type "Windows Authentication (LDAP)".

 

clip0066

 

To enable LDAP support, switch LDAP Support to "Enabled",  click the "Configure LDAP Server" link and specify the IP address or host name of a domain controller running LDAP.

 

Managing Users

clip0067

Users are added and removed by clicking the respective user icons in the "Users" tab. If LDAP support is enabled, users can either be enabled with Built-In Authentication or with Windows Authentication (see "LDAP" above). When creating users, you can specify:

 

User Name

Full Name

Password (Built-In Authentication only)

Email Address (for password recovery, built-in Authentication only)

 

Managing Groups

clip0068

Groups are added and removed by clicking the respective group icons in the "Groups" tab. The same privileges and permissions that can be assigned to users can also be assigned to groups.