Security Providers: Enable LDAP, Active Directory, RADIUS, and Kerberos Logins
You can configure your Bomgar Appliance to authenticate users against existing LDAP, RADIUS, or Kerberos servers, as well as to assign privileges based on the pre-existing hierarchy and group settings already specified in your servers. Kerberos enables single sign-on, while RSA and other multi-factor authentication mechanisms via RADIUS provide an additional level of security. Click Configure New Provider to add a user or group server, and enter the appropriate information for your server connection.
Due to the technical complexity involved in properly integrating security providers with your Bomgar Appliance, the exact configuration is not discussed in this guide. For detailed instructions, please see the complete security provider configuration guides provided at www.bomgar.com/docs.
Once your security providers are set up, click Configure New Provider to set up clustered relationships. Clusters can operate in Failover mode for redundancy or Random Selection mode for load balancing. From the list of available providers, select which servers to cluster. Once you save your changes, the servers you have clustered will appear indented beneath their parent.
Drag and drop security providers to set their default priority. You can drag and drop servers within a cluster; clusters can be dragged and dropped as a whole. For more complex configuration, click on the Edit button of a server or cluster. For three scenarios – If the user is not found, If the provider is unreachable, or If authentication fails – you can choose to try the next server in the list, try a specific server, or deny login.
If authentication succeeds, you can choose simply to allow login or to look up the user’s group settings within a defined group server. To associate users with groups, you must first set up the user servers and group servers separately and then enable group lookup from the Edit page of the user provider.
IMPORTANT: Each user that authenticates against a security provider must be a member of at least one group policy that has at least one setting defined in order to log into Bomgar. A default group policy can be set for all users in a security provider. Pre-existing groups can also be assigned group policies from the Group Policies page. User providers and group providers must be linked in order for groups to be properly recognized and applied.