Configuring User Authentication Options¶
General options for authentication criteria, device ownership, logon recovery, and restrictions can be found under Preferences > User Authentication > User Authentication
- Authentication Criteria
- Select Node or Device (Mac+IP or MAC).
- Authorized IP
- Specify whether to automatically set Authorized IP as IP address first authenticated from. This applies when the Authorized IP in the User Management settings is blank.
- Authorized MAC
- Specify whether to automatically set Authorized MAC as MAC address first authenticated from. This applies when the Authorized MAC in the User Management settings is blank.
- Automatic Ownership
- Specify whether to automatically assign User and Department ownerships to IP and/or MAC when a user is authenticated.
- Regex for Username
- Enter a regular expression to validate username.
- Hiding Username
- Hide username under asterisks during authentication/
- Log Out Button
- Specify whether to display Log Out button in CWP page.
- Find Username / Reset Password
- Enable or disable recovery for lost username/password.
- Verification code valid time
- Set the validity code valid time for sms 2 factor authentication ( 2fa / mfa )
- Displaying Authentication Info
- Specify whether to display User Authentication Information in Agent Tray Menu and CWP page.
- User Info for Node Info
- Specify whether to add User Information (Name and Description) into Node Information for User Account Request approval.
Configuring Authentication Options by Single node¶
- Click a node IP Address and select Policy tab
- Select one option under User Authentication Policy
- Comply with Authentication Policy under Node Policy
- Require User Authentication (Allow All Users)
- Require User Authentication (Allow Specified User(s))
Configuring Authentication Options by Group¶
Node Authentication policies determine when and how nodes of a given group will be required to authenticate, as well as the conditions of the process.
To configure options for authentication methods, requirements, time restrictions and logon procedure, select a node policy under Policy > Node Policy > [Policy Name] and scroll down to Advanced > Authentication in the main panel.
- Authentication Method
- Select Host Authentication (Allow by node identity) or Password Authentication.
- For Password Authentication specify allowed Authentication Sources and Enable/Disable 2 Factor Authentication. ( 2fa / mfa )
- Single Sign-On Method
- Select Active Directory, External API or Genian API and enter required info.
- Auth User Group
- Select a user group to allow for authentication from the policy member nodes.
- Enable to log out users after a set time period.
- Auto-Logout For Down Node
- Enable to log out users after a node link status is down for a set time period.
- Reauthentication Interval
- Specify how often to renew authentication.
- Session Timeout Notification
- Specify time prior to the login session expiration that you want to notify users.
- Agent required.
- Custom User Login Page URL
- Specify URL for a custom user login page which will be redirected when a user clicks a Login button in CWP page.
- Authentication at Startup
- Specify whether to require Authentication when the computer restarts or wakes.
- Agent required. Not compatible when Single Sign-On is enabled.
- Display Name of Username
- Specify a display Name of Username for use on Captive Portal and Agent Authentication prompt.
- Display Name of Password
- Specify a display Name of Password for use on Captive Portal and Agent Authentication prompt.