action.skip

Setting up Authentication

The following content is available in the Databridge Installation Guide.

The first time the console is run, use dbridge for the User Name and Password. Once signed in, click to expand the left navigation menu.

Select Authentication to configure authentication for the Databridge Administrative Console.

From the Authentication type drop-down, select either LDAP (default) or Simple authentication.


Setting up LDAP

To set up LDAP for the site, contact your IT personnel and ask them to provide the needed information.

Connect via Remote Desktop to your site's network authentication server and open an elevated Command Prompt (or ask an authorized user to perform the task below).

  1. To search the entire domain use the first line returned from a dsquery* command as the base DN. To limit the scope of the base DN, one can use an OU. Running a dsquery OU will provide a list of Organizational Units from which the base DN can be selected. Enter this information into the Search base DN input field.

    Example

    "CN=example, CN=com" or "OU=DBUser, CN=example, CN=com"

  2. To get the value for the Administrator DN input field enter the command "dsquery user -name username, where username is the userid of an administrator on the authentication server. Copy the output line, and paste it into the Administrator DN input field.

  3. Enter the hostname of the network authentication server into the Host Name input field.

  4. Enter the password for the administrator (from step 2) into the Administrator password input field.

  5. Ensure that the default port of 389 is correct for your site.

  6. Select Save.

These changes take effect only after restarting the service. At this point, you can connect to the Administrative Console from a browser using your network credentials; however, this alone is not enough to gain access to the Client Managers.

To access the Client Manager(s), an administrator must assign a role to the users (userids) that need access to the Client Manager(s). The pre-defined roles are Administrator, Operator, User, or Custom. For more information on user permissions, see the Manage Users section of this guide.

Caution

How do you gain access to the Client Manager to assign roles?

When upgrading, the userids and roles are honored in the new Administrative Console.
Other ways to gain access:

  • dbridge will be available from the Client Manager configuration file to get initial access to the Client Manager page with permissions to manage users.
  • the dbridge userid and password is automatically added as an administrator for the first sign-on to the Client Manager after an upgrade. The service will automatically detect if there was an upgrade the first time it is started.


Creating Userid/Password Pairs

When Simple authentication is setup, the administrator needs to add the userid/password pairs as seen in this screenshot.

Enter as many userid/password pairs as needed. Users can access this dialog in the same way as an administrator, but they will only be able to view and change their own password. Userids and passwords are stored in the file osp-users.csv in the sub-directory microservices\auth-service of the install directory for the Administrative Console, and all passwords are encrypted.

Userids assigned with Simple authentication behave in the same manner as the LDAP userids. Userids must be registered with each Client Manager in exactly the same way as LDAP users.

For more information on granting access to the Client Manager(s), see the Manage Users section.

Caution

Change the password for the userid dbridge as soon as possible. Leaving the password value dbridge can lead to unauthorized access to the Administrative Console.