External Entry Hosts

An External Entry Host is a location outside of Password Server that stores password information. Once an External Entry Host is configured in Password Server, Password Server can connect to it to Import and Update information.

Supported Host Types

Auto Changer currently supports:

  • Active Directory
  • OpenLDAP
  • Linux, Unix, etc. (any *nix with passwd command available)

AD/LDAP User Directories that have been set up for User import can be reused as a Host Type with the same configuration.

Setting up an External Entry Host

External Entry Hosts are managed from Advanced > Entries > External Entry Hosts. Only users with the "External Entry Hosts" permission can see this page.

The grid shows all the Hosts that have been configured. A Host's configuration can be updated, but a Host cannot be deleted while there is an External Entry from that Host in the system.

External Entry Host Configuration Fields

Common Fields
  • Name:
    • A name for the host. It can be anything.
  • Address:
    • The host server address (machine name, URL, IP, DNS entry)
Additional Fields
Active Directory / OpenLDAP Host Type
  • Port:
    • The port number to use when connecting to the server. Port 389 is commonly used for queries to an AD/LDAP server (or port 636 when SSL is enabled).
  • UseSSL:
    • Whether or not the connection uses SSL. Connecting using SSL requires a valid SSL certificate.
  • Authentication Type:
    • The authentication method used when connecting to a server. Active Directory normally uses Microsoft Negotiate. Other LDAP servers may use Basic or Kerberos, depending on how they are configured.
  • Use Admin Credentials:
    • Connect to the directory as this user, who must have view and search permissions on the directory subtree being searched. Otherwise, the username and password associated with the user directory will be used to connect to it.
  • Unique Directory Id Attribute:
    • The name of the object attribute to read a Globally Unique Identifier from. Configuring this allows Entries to be imported based on this Identifier rather than the DN.
  • User Name Attribute:
    • The name of the object attribute to map to the username field when importing an Entry.
  • Password Field:
    • The name of the object attribute to write the password to when pushing passwords to the LDAP server.
  • Password Format:
    • The format that Password Server should use when pushing passwords to the LDAP server.
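
To illustrate how Password Field, Password Format and UseSSL interact, the following added example (not Password Server's own code) builds two value formats that directory servers commonly expect: the quoted UTF-16LE value for Active Directory's unicodePwd attribute and a salted {SSHA} value for OpenLDAP's userPassword. The function names and the refusal to encode when UseSSL is off are assumptions for illustration; the formats Password Server itself offers are not listed on this page.

```python
import base64
import hashlib
import hmac
import os

SSHA_PREFIX = b"{SSHA}"

def encode_password(password, password_field, use_ssl, salt=None):
    """Return the bytes to write to `password_field` (hypothetical helper)."""
    if not use_ssl:
        # Without SSL the new password crosses the network in clear text.
        # Active Directory normally accepts unicodePwd changes only over
        # an encrypted connection.
        raise ValueError("refusing to push a password without UseSSL")
    field = password_field.lower()
    if field == "unicodepwd":
        # Active Directory: password wrapped in double quotes, UTF-16LE.
        return ('"' + password + '"').encode("utf-16-le")
    if field == "userpassword":
        # OpenLDAP salted SHA-1: base64(sha1(password + salt) + salt).
        salt = os.urandom(8) if salt is None else salt
        digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
        return SSHA_PREFIX + base64.b64encode(digest + salt)
    raise ValueError("no known format for attribute %r" % password_field)

def verify_ssha(stored, password):
    """Check a password against a {SSHA} value, as a directory server would."""
    raw = base64.b64decode(stored[len(SSHA_PREFIX):])
    digest, salt = raw[:20], raw[20:]  # a SHA-1 digest is 20 bytes
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, candidate)

if __name__ == "__main__":
    # Constructed sample values, not taken from any real directory.
    print(encode_password("Pw1!", "unicodePwd", use_ssl=True))
    stored = encode_password("secret", "userPassword", use_ssl=True)
    print(stored, verify_ssha(stored, "secret"))
    try:
        encode_password("secret", "unicodePwd", use_ssl=False)
    except ValueError as exc:
        print("blocked:", exc)
```
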
User Directory Host Type
  • User Directory:
    • The Directory configuration to reuse for importing Entries. When importing and updating entries, Password Server will query the same host and use the same schema defined in the Directory configuration.
  • User Alternate Credentials:
    • Optional set of credentials to use for querying the Directory when importing and updating Entries.  If not set here, then Password Server will continue to use credentials in the Directory Configuration.
Unix Host Type
  • Port:
    • The port number to use when connecting to the Unix server. Communication with a Unix Host occurs over SSH which uses port 22 by default.