Before you install Safeguard Authentication Services Defender on your host, ensure that you have:
Assign the access node to the security server
Select the security policy for the access node
Add members to the access node
To integrate Defender with Safeguard Authentication Services, perform the tasks described in this section.
You use a security policy to specify which type of credential is to be sent to the Defender security server.
To create a security policy
An access node is used to associate a security policy and a Defender security server to a machine or subnet of machines. In order to complete this task, you need to know the IP address of the machine or IP address and subnet mask of the subnet of machines that you would like to secure with Defender and Safeguard Authentication Services.
To create an Access node
Select a Node Type of Radius Agent.
Note: pam_defender only works with Radius Agent.
Select the appropriate User ID for your environment based on the information below, then click Next.
The User ID you select must match the attribute that you are using in Safeguard Authentication Services for Unix user name. Look in the Preferences of the Control Center to determine which attribute Safeguard Authentication Services is configured.
User IDs |
Description |
---|---|
SAM Account Name |
This is the default Unix user name for Safeguard Authentication Services 5.0.1. It refers to the sAMAccountName attribute of the user. |
User Principal Name |
Previous versions of Safeguard Authentication Services used this as the default Unix user name. It refers to the userPrincipalName attribute of the user. |
Defender ID |
This refers to the defender-id attribute of the user, which is part of the Defender schema extension. You could configure this as the Unix user name, but One Identity does not recommend that. |
Proper Name |
This refers to the cn attribute of the user. |
© ALL RIGHTS RESERVED. Nutzungsbedingungen Datenschutz Cookie Preference Center