Types of logon authentication

On initial installation, the program uses HTTP Authentication to validate users. This is a simple and effective means of authentication, well known throughout the industry, and might be all that is necessary to protect the server data from unauthorized access. However, HTTP Authentication does not permit easy logout of users, does not permit easy tracking of user logins, nor supports common security functions such as auto-logout or user lockout.

An administrator can change the type of authentication on the System > Logins > Security screen to permit other types of authentication, in particular, web screen authentication, and authentication using Active Directory. The administrator, as a first step in further securing the server, might want to enable Security Enhanced Functions on the System > Logins Security screen, including specifying a logon domain, and whether to use Active Directory authentication at the site.

Note

To configure Active Directory authentication (that is to allow you to log on using their standard enterprise username and password) the BMC Defender Server must be part of the domain, and the user's name must be first configured on the System > Logins > Users screen.


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*