Create user groups on the portal server – VBrick Systems Portal Server ETV v4.1 User Manual

80

© 2007 VBrick Systems, Inc.

Both methods can be used simultaneously. If LDAP authentication is enabled, the ETV
Portal Server will attempt to authenticate against the LDAP server first, and if this is
unsuccessful, will attempt to authenticate against the local ETV Portal Server User Database.

VBrick Database

If authentication is enabled, you must select a database (either VBrick or LDAP). The VBrick
(ETV Portal Server) user database contains user, group, and resource information that
provides the Portal Server with information to allow it to provide the appropriate privileges
to users and Set-Top Boxes that are accessing the system. Administrators should authenticate
users with the native Portal Server user database if:

•

User authentication is required, but the organization does not have an LDAP server.

•

For STBs, the organization wishes to use User PINs. Since User PINs are not available in
the LDAP directory, the users need to be created in the ETV Portal Server database
(Note: only those users that need PINs to access STBs need to be created in the ETV
Portal Server database. PC or Mac users can still be authenticated against LDAP).

LDAP Directory Server

An LDAP directory server contains User and Group information which the ETV Portal
Server can authenticate against to verify User's identities. The Portal Server then uses this
information to authorize users to access the system. Administrators should authenticate users
with an LDAP Directory server if:

•

The organization has an LDAP server that they actively manage to allow products to
authenticate.

•

The ETV Portal Server administrator can obtain the necessary configuration information
from the LDAP administrator to allow the authentication to occur.

Using LDAP reduces the amount of administrative time necessary to add and modify users
from the ETV Portal Server system. VBrick Systems encourages customers who have LDAP
directories implemented to use them for authentication with the ETV Portal Server.

3. Create User Groups on the Portal Server

Grouping users is common practice and makes administering access to the ETV Portal
Server less complicated than administering access by individual user. The ETV Portal Server
allows the administrator to create groups, specify group memberships for users, and set
access privileges for the group. A user can be a member of one group or multiple groups.
Group access privileges also can be set and modified on a per group basis.

If an LDAP directory is being used for Authentication, the same group information that is
available in the directory can be used to Authorize end users to access the ETV Portal Server.
For example, if the organization has three User Groups in its LDAP directory—Marketing,
Engineering, and Sales—they can simply create these groups in the ETV Portal Server
system, and assign privileges to the groups.

VBrick Database

The native ETV Portal Server user database provides local
authentication for users and administrators.

LDAP Database

Enables the ETV Portal Server to authenticate against, and retrieve
user and group data from, an existing LDAP server.