Before you install Authentication Services Defender on your host, ensure that you have:
To integrate Defender with Authentication Services, perform the tasks described in this section.
You use a security policy to specify which type of credential is to be sent to the Defender security server.
To create a security policy
An access node associates a security policy and a Defender security server with a machine or a subnet of machines. To complete this task, you need to know either the IP address of the machine, or the IP address and subnet mask of the subnet of machines, that you would like to secure with Defender and Authentication Services.
To create an access node
Select a Node Type of Radius Agent.
Note: pam_defender only works with Radius Agent.
Select the appropriate User ID for your environment based on the information below, then click Next.
The User ID you select must match the attribute that you are using in Authentication Services for the Unix user name. Look in the Preferences of the Control Center to determine which attribute Authentication Services is configured to use.
| User ID | Description |
|---|---|
| SAM Account Name | This is the default Unix user name for Authentication Services 4.1. It refers to the sAMAccountName attribute of the user. |
| User Principal Name | Previous versions of Authentication Services used this as the default Unix user name. It refers to the userPrincipalName attribute of the user. |
| Defender ID | This refers to the defender-id attribute of the user, which is part of the Defender schema extension. You could configure this as the Unix user name, but One Identity does not recommend that. |
| Proper Name | This refers to the cn attribute of the user. |