Difference between revisions of "Seon Enterprise user authentification"
(New page: == User authentification methods == Seon supports two user authentification methods. Addition methods could be implemented in the future. === internal authentification === The user will b...) |
|||
(One intermediate revision by the same user not shown) | |||
Line 18: | Line 18: | ||
auth required pam_deny.so | auth required pam_deny.so | ||
+ | ==== Documentation links ==== | ||
For more information on PAM, refer to the documentation, available at http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/ | For more information on PAM, refer to the documentation, available at http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/ | ||
Some possible modules are documented here: http://www.kernel.org/pub/linux/libs/pam/modules.html | Some possible modules are documented here: http://www.kernel.org/pub/linux/libs/pam/modules.html | ||
+ | |||
+ | An example on how to authentificate users via MS Active Directory: http://developer.novell.com/wiki/index.php/HOWTO:_Configure_Ubuntu_for_Active_Directory_Authentication | ||
+ | |||
+ | |||
+ | [[Category:Seon Enterprise]] |
Latest revision as of 13:48, 8 August 2017
Contents
User authentification methods
Seon supports two user authentification methods. Addition methods could be implemented in the future.
internal authentification
The user will be authentificated via a given username and a hashed password. This one-way hashed password is not recreatable and stored as a text field in the Seon database. If you want to authentificate users with given credentials, you have to define a username and a non-empty password. The user will be able to change his password via Seon Webaccess, the end-user interface.
PAM
PAM ("Pluggable Authentication Modules") support a dynamic mode of authentification of users. In this way, a system administrator is able to define how users of Seon will be authentificated. PAM is also used in many single-sign-on (SSO) environments. Many modules exist for PAM, so LDAP, MS Active Directory, NIS and other third-party authentification modes are available. In order to use PAM, you have to know the service name Seon uses. Its fix-coded value is
seon
So you have to create a file in your PAM configuration directory, which is in most cases
/etc/pam.d
The name of the file is the service name, so the absolute path to the Seon PAM configuration file is:
/etc/pam.d/seon
The content could be copied from existing configurations, the only method used is "auth
". Here an example:
auth required pam_nologin.so auth sufficient pam_securityserver.so auth sufficient pam_unix.so auth required pam_deny.so
Documentation links
For more information on PAM, refer to the documentation, available at http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/
Some possible modules are documented here: http://www.kernel.org/pub/linux/libs/pam/modules.html
An example on how to authentificate users via MS Active Directory: http://developer.novell.com/wiki/index.php/HOWTO:_Configure_Ubuntu_for_Active_Directory_Authentication