OA/VCM security/authorization options

pakm11 — Tue, 13 Jul 2010 14:42:03 GMT

Hi,

For OA/VCM access control, what are you using?
For access control I mean preventing admins logging in with shared "administrator" user account. Instead people use their own accounts to login to OA/VCM.
Those of you enabled AD integration, are you happy with it?
Is there a way to disable remote admin level access, and force users to login as themselves and then switch user to perform admin tasks?

Thanks.

Re: OA/VCM security/authorization options

WFHC-WI — Tue, 13 Jul 2010 15:22:01 GMT

hi pakm,

AD integration works well for us. One caveat is that VCM (and older fw revs of OA) do not allow sub-OU searches. Therefore we implemented a solution where all OA/VCM accounts are in a single OU, and groups are constructed based on needed permissions.

Be cautious when you disable local accounts. If your LDAP settings change without notice you can end up not being able to log in at all.

There is no secondary login method available. However you can modularly assign rights depending on what specific users need.

Auditing can enhance your security solution. Have OA/VCM write to a syslog server and monitor this for changes and logins.

good luck, if you appreciate the answers we appreciate the points!

topic OA/VCM security/authorization options in BladeSystem - General

OA/VCM security/authorization options

Re: OA/VCM security/authorization options