Installation guide
Introduction 13
Authentication Server Options
Authentication Server Options
The administrator chooses a type of authentication to use for accessing the
OnBoard and for accessing each connected device, based on the
organization’s security policy. The installer needs to make sure an
authentication server is available for every authentication method used
(except for the “Local” authentication method).
The following list summarizes the authentication-related issues for the
installer:
• A different authentication method may be specified for accessing the
OnBoard and for accessing each connected device.
• The OnBoard must be on the same subnet as an authentication server set
up for every authentication method used.
• Each authentication server must be configured and operational.
• The administrator configuring the OnBoard needs to work with the
administrator of each authentication server to get user accounts set up and
to obtain usernames, passwords, and other information needed for
configuring access to the authentication server on the OnBoard.
For example, if LDAP authentication is to be used for logins to the OnBoard,
Kerberos for logins to an IPMI service processor, and RADIUS for logins to a
router that has a dedicated Ethernet port, then the OnBoard needs to have
network access to an LDAP, a Kerberos, and RADIUS authentication server,
and the administrator needs to perform configuration on the OnBoard to
enable contact with each type of authentication server.