Considerations for selecting an authentication technology
BMC Server Automation can be used with several possible authentication technologies. The following table summarizes key considerations for selecting among the available authentication technologies:
Technology | Pro | Con | Notes |
|---|---|---|---|
Secure remote password (SRP) | Not dependent on any other infrastructure; works out of the box. | Requires administration of BMC Server Automation users. | Suitable for installations with a very small BMC Server Automation user population. |
Microsoft Windows Domain Authentication | Simple to set up; leverages Active Directory. | Requires users to authenticate when first connecting. | In most environments, this is the likely first choice of an authentication technology. |
Active Directory with Kerberos | Windows users do not need to authenticate explicitly. | Requires registry changes on workstations, which may not be possible in all environments; requires the user to log on with the account that he or she uses to log on to the desktop. | Offers a single click to log on. |
LDAP Authentication (for example: Microsoft Active Directory, Novell Directory, Oracle Sun Java System Directory Server) |
|
| Appropriate for environments in which an LDAP service already exists and neither Windows Domain Authentication nor AD/Kerberos are available. |
RSA SecurID |
|
| Appropriate for environments already using this technology. |
Active Client 6.1 (PKI with CAC cards) |
|
| Appropriate for environments already using this technology. |