Applies to:
Kyvos Enterprise Kyvos Azure Marketplace
Kyvos AWS Marketplace Kyvos Free (
...
| Info |
|---|
From Kyvos 2023.3 onwards, you can see the last performed Kyvos Authentication operation details, including progress status and start time, by clicking the i icon located next to the Revert button. To view more comprehensive details, simply click the View Details link, which will take you to the Operations page where you can view the operation information in detail. |
Use this page to configure authentication type governing user login for the Kyvos web portal.
...
The fields mentioned in this table vary according to the chosen Authentication System.
Settings
Parameter/Field
Comments/Description
LDAP Settings
Alias
Specify a unique alias name for the LDAP account.
Directory Type Select the directory type from the list. Referral Mode
Select the mode for the service providers to indicate how to handle referrals.
- Ignore: Ignore referrals.
- Follow: Automatically follow any referrals.
- Throw: Throw a Referral Exception error for each referral.
Host Name
Enter the hostname or IP address of the authentication directory server.
Port Enter the port on which the directory server is listening. User DN Enter a unique name for the user that the application will use when connecting to the directory server.
For example, cn=user,dc=domain,dc=name for user@domain.name.Password Enter the password for the user.
NOTE: If not specified, the last provided password will be used. To change, enter a new password.Use Secure Layer
Select this check box if SSL is configured. You will have to upload the SSL certificate for this.
SSL Certificate
Upload the SSL certificate file for use with the authentication directory.
Schema Settings
Base DN
Enter the name that the application will use when connecting to the directory server.
If you are searching for users in the Admin department of example.com, then the Base DN would be dc=example,dc=com, and the User DN would be cn=admin,dc=example,dc=com.
If you have a group within in the admin called ITadmin, then the User DN would be cn=admin,ou=ITadmin,dc=example,dc=com.
Additional Group DN
Enter the additional group DN details (if any).
Additional User DN
Enter the additional user DN details (if any).
Group Filter
Enter the details of group filters (if any).
User Filter
Enter the details of user filters (if any).
Specify the sync level for the user group from:
- Bootup: The system searches for changes at every bootup and syncs the users with the LDAP directory.
- Incremental: The system search for changes whenever new data comes in and syncs the users with the LDAP directory.
- Never: The system does not sync user information from the LDAP directory.
NOTE: If User Group Sync Level is set to Incremental, any changes to LDAP Password, User Filter, and Group Filter will not require BI Server restart.
Show sync and timeout settings Click to specify the sync and timeout settings:
- Import Users As: Select the default role for all users being imported from the LDAP.
- Read Timeout: Specify the timeout interval (in seconds) for reading data from LDAP.
- Search Timeout: Specify the timeout interval (in seconds) for searching new data from LDAP.
- Connection Timeout: Specify the timeout interval (in seconds) for connecting to the LDAP directory.
- Custom Attributes: If needed, add custom attributes for users being imported from LDAP.
Kerberos Settings
Server
Enter the hostname or IP address of the Kerberos server.
Realm
Enter the hostname or IP addresses of the Kerberos realm nodes. A Kerberos realm is a set of managed nodes that share the same Kerberos database
Mode
Select the login mode for Kerberos from:
- You can also define multiple LDAP accounts. For this, click on the left.
- You can also duplicate an existing LDAP configuration, for this use the Duplicate option, as shown.
- Click the Validate button to authenticate and verify the LDAP configurations. For multiple LDAP accounts, you also use the Validate All button from the three-dots menu to validate all the LDAP accounts at once.
...