1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE...
  6. Installation manual

Managing Time; Ldap Authentication; Configuring The Sentinel 6.1 Rapid Deployment Server For Ldap Authentication - Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009 Installation Manual

Hide thumbs
Table of Contents

Advertisement

4.8.3 Managing Time

You must connect the Sentinel Server to an NTP (Network Time Protocol) server or other type of
time server. If the system time across machines is not synchronized, the Sentinel Correlation Engine
and Active Views do not work properly. The events from the Collector Managers are not considered
to be real-time and are therefore not sent directly to the Sentinel database, bypassing the Sentinel
Control Centers and Correlation Engines.
By default, the threshold for real-time data is 120 seconds. This can be modified by changing the
value of
esecurity.router.event.realtime.expiration
file. The Sentinel event time populates based on the Trust Device Time or the Collector Manager
Time. You can select the Trust Device Time while configuring a collector. Trust Device Time is the
time when the log was generated by the device and the Collector Manager Time is the local system
time of the Collector Manager system.

4.9 LDAP Authentication

A Sentinel 6.1 Rapid Deployment server can be configured for LDAP authentication to enable users
to log in to Sentinel by using their Novell
credentials.
Section 4.9.1, "Configuring the Sentinel 6.1 Rapid Deployment Server for LDAP
Authentication," on page 42
Section 4.9.2, "Configuring LDAP Failover Servers," on page 46
Section 4.9.3, "LDAP Authentication without Performing Anonymous Searches," on page 47
Section 4.9.4, "Migrating LDAP Users from Sentinel 6.1 Rapid Deployment Hotfix 2 to
Sentinel 6.1 Rapid Deployment SP1," on page 48
4.9.1 Configuring the Sentinel 6.1 Rapid Deployment Server for
LDAP Authentication
To configure Sentinel 6.1 Rapid Deployment for LDAP authentication:
1 Export the self-signed certificate of the Certificate Authority (CA) for the eDirectory/Active
Directory tree to a Base64-encoded file.
eDirectory: For more information on exporting an eDirectory CA certificate, see
Organizational CA's Self-Signed Certificate (http://www.novell.com/documentation/edir88/
edir88/?page=/documentation/edir88/edir88/data/a7elxuq.html).
For exporting an eDirectory CA certificate in iManager, the Novell Certificate Server
ins for iManager must be installed. For more information on installing an iManager plug-in, see
Downloading and Installing Plug-in Modules (http://www.novell.com/documentation/
imanager27/imanager_admin_273/?page=/documentation/imanager27/imanager_admin_273/
data/hk42s9ot.html).
Active Directory: For more information on exporting an Active Directory CA certificate, see
How to enable LDAP over SSL with a third-party certification authority (http://
support.microsoft.com/kb/321051).
42
Sentinel 6.1 Rapid Deployment Installation Guide
in the
®
eDirectory
or Microsoft* Active Directory*
TM
event-router.properties
Exporting an
plug-
TM

Advertisement

Table of Contents
loading

Related Manuals for Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009

Related Content for Novell SENTINEL RAPID DEPLOYMENT 6.1 - INSTALLATION GUIDE 12-2009

This manual is also suitable for:

Sentinel rapid deployment 6.1

Table of Contents