Index


Overview

Statseeker allows users to be authenticated via the following methods:

  • File - authenticated directly with Statseeker server. The Statseeker admin account (an Apache user account used to manage the Statseeker installation), uses the file authentication method.
  • LDAP - use your existing Active Directory/LDAP authentication to manage access to Statseeker
  • RADIUS - use your existing RADIUS server to manage access to Statseeker
Note: while we support a combination of File and LDAP or File and RADIUS, Statseeker DOES NOT support a combination of LDAP and RADIUS authentication protocols on the same server.

[top]


File Authentication

The file authentication method requires that the Statseeker user account record specify a username and password and that when creating the user account the Authentication Method be set to File.

[top]


LDAP Authentication

Statseeker LDAP configuration allows you to use your existing Active Directory/LDAP authentication to manage access to the Statseeker web interface. This is done by:

  • Configuring Statseeker's access to your LDAP server
  • Creating a user account in Statseeker
  • Specifying that the user be authenticated via LDAP rather than Statseeker

The LDAP service will only provide authentication to access Statseeker, authorization to view and access functionality within Statseeker will still be handled by Statseeker's User/Group configuration.

[top]


Limitations

Statseeker:

  • Does not support LDAP group configuration statements/Active Directory group configurations
  • May not support some LDAP clustered environment configurations or active directory global catalogue server configurations
  • Requires that the LDAP server allow anonymous binds
  • Requires domain trusts to be configured to support multiple Active Directory domains

[top]


Configuring LDAP Authentication

To configure Statseeker for user authentication via LDAP:

  • Go to Administration Tool > Statseeker Administration > User Authentication
  • Click Edit
  • Click the LDAP radio-button
  • Specify the LDAP Server via a hostname or IP address
  • Specify the Port for the LDAP server, typically this is 389 or, when implementing Secure LDAP, 636
  • Specify the Base_DN, the distinguished name/container for the organizational unit containing your users

  • If you are implementing Secure LDAP (LDAPS), then check the Secure LDAP checkbox

This will display the option to import the CA Certificate associated with your LDAP configuration.

  • Select Add Trusted CA Certificate
  • Browse to the location of the certificate file, select the file and click Open

The file will be imported and verified as a valid CA Certificate file.

If you are connecting to an Active Directory server then:

  • Select Active Directory checkbox
  • This will display the additional fields required for Active Directory configuration.

  • Specify the Bind_DN, the active directory account user to search the LDAP directory and Bind_Password for this account
  • Specify the AD_Domain; the active directory domain name
  • Click Save



Note: saving an LDAP authentication configuration will remove any existing Statseeker RADIUS authentication configuration.

[top]


Enabling LDAP Authentication for a User

To enable LDAP authentication for a Statseeker user:

  • Go to Administration Tool > User Profiles/Grouping > Add/Edit Users
  • Select the user and click Edit
  • Set the Authentication Method to LDAP


[top]


RADIUS Authentication

Statseeker RADIUS configuration allows you to use your existing RADIUS server to manage access to the Statseeker web interface. This is done by:

  • Configuring Statseeker's access to your RADIUS server
  • Creating a user account in Statseeker
  • Specifying that the user be authenticated via RADIUS rather than Statseeker

The RADIUS server will only provide authentication to access Statseeker, authorization to access visibility and functionality within Statseeker will still be handled by Statseeker's User/Group configuration.

[top]


Configuring RADIUS Authentication

To configure Statseeker for user authentication via RADIUS:

  • Go to Administration Tool > Statseeker Administration > User Authentication
  • Click Edit
  • Click the RADIUS radio-button
  • Specify the RADIUS Server via a hostname or IP address
  • Specify the Port for RADIUS server communications, typically this is 1812
  • Specify the Shared Secret, for communication with the RADIUS server

  • Click Save


Note: saving a RADIUS authentication configuration will remove any existing Statseeker LDAP authentication configuration.

[top]


Enabling RADIUS Authentication for a User

To enable RADIUS authentication for a Statseeker user:

  • Go to Administration Tool > User Profiles/Grouping > Add/Edit Users
  • Select the user and click Edit
  • Set the Authentication Method to RADIUS


[top]