1. Manuals
  2. Brands
  3. Avaya Manuals
  4. Accessories
  5. IPBS1
  6. Installation and operation manual

Log In Using Kerberos; Disable Local Authentication; Configure Cross-Realm Authentication - Avaya IPBS1 Installation And Operation Manual

Ip-dect base station and ip-dect gateway
Hide thumbs
Table of Contents

Advertisement

Log in using Kerberos

1. Make sure that secure HTTPS protocol is used when logging in.
2. Login on the client using a server account. When prompted for user name, the name of the
realm has to be entered in front of the user name, separated by a backslash in the
following way: REALM\username or username@REALM.

Disable local authentication

It is recommended to disable local authentication after Kerberos authentication is configured. It
provides additional security and it is much easier to change the password of a user account or
delete a compromises user account on the Kerberos server than changing the local user
accounts on each IPBS/IPBL.
IMPORTANT: Make sure that the Kerberos authentication is working properly before disabling local
1. In the Delegated Authentication section select the Disable local authentication check box.
2. Click "OK".

Configure cross-realm authentication

Cross-realm authentication is used to authenticate users from another trusted realm. In this way
it is possible for IP-DECT users to login to the IPBS/IPBL using their Windows user name and
password in the Active Directory (AD). The trust relationship between the two realms is
confirmed by configuring a shared password on both servers in the realms. This password is
used to encrypt communication between the realms. To configure cross-realm authentication,
do the following:
Requirements for IPBS1, IPBS2 and IPBL:
Software version 6.1.X and later
l
NTP configured
l
Make sure that the device has been configured as a client in the system, see
l
client
on page 74.
Make sure that the AES and RC4 encryption types are enabled. Select General > Admin
l
and select the Enable AES and RC4 check box.
AD Server configuration for Windows 2008 R2 servers
1. The trust relationship must be configured in the AD server.Connect to the Windows 2008
R2 server.
2. In the Windows Start menu select Administrative Tools > Active Directory Domains and
Trusts
Avaya 374x DECT Telephones - User Guide
authentication. If the Kerberos authentication is not working and local authentication is
disabled it is not possible to access the IPBS/IPBL in any other way.
Operation
Set up the
77
02/2016
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Avaya IPBS1

Related Content for Avaya IPBS1

This manual is also suitable for:

Ipbs2Ipbl

Table of Contents