Changing the authentication method for administrator accounts
| Article:HOWTO81227 | | | Created: 2012-10-24 | | | Updated: 2013-01-30 | | | Article URL http://www.symantec.com/docs/HOWTO81227 |
After you add an administrator account, the user name and password are stored in the Symantec Endpoint Protection Manager database. When the administrator logs on to the management server, the management server verifies with the database that the user name and password are correct. However, if your company uses a third-party server to authenticate existing user names and passwords, you can configure Symantec Endpoint Protection Manager to authenticate with the server.
Table: Authentication methods displays the authentication methods the management server can use to authenticate administrator accounts.
Table: Authentication methods
For the third-party authentication methods, Symantec Endpoint Protection Manager has an entry in the database for the administrator account, but the third-party server validates the user name and password.
To change the authentication method for administrator accounts
Add an administrator account.
On the Authentication tab, select the authentication method.
To authenticate administrators who use an RSA SecurID mechanism, first install the RSA ACE server and enable encrypted authentication for RSA SecurID.
See Configuring the management server to authenticate administrators who use RSA SecurID to log on.
See Authenticating administrators who use RSA SecurID to log on to the management server.
To authenticate administrators using an Active Directory or LDAP directory server, you need to set up an account on the directory server. You must also establish a connection between the directory server and Symantec Endpoint Protection Manager. If you do not establish a connection, you cannot import users from an Active Directory server or synchronize with it.
Note:
Synchronization is only possible for Active Directory Servers. Symantec Endpoint Protection does not support synchronization with LDAP servers.
You can check whether the directory server authenticates the account name by clicking Test Account.
See Connecting Symantec Endpoint Protection Manager to a directory server.
See Best practices for testing whether a directory server authenticates an administrator account.
Click OK.
In the Confirm Change dialog box, type the password that you use to log on to Symantec Endpoint Protection Manager, and then click OK.
When you switch between authentication methods, you must type the administrator account's password.
|
|
Legacy ID
v9542292_v81626096
Article URL http://www.symantec.com/docs/HOWTO81227
Terms of use for this information are found in Legal Notices
Thank you.