Configure ldap user authentication – Epiphan Pearl Mini Live Video Production System with 512GB SSD (NA/JP) User Manual

Pearl Mini User Guide
Option
Operator admin functions
Shutdown device (Admin panel)
Restore factory configuration
Configure the name, location, and description
1 Only configuration presets that don't include the System group are allowed.
2 Allow operators to apply configuration presets that include the System group, as well as apply the factory default configuration preset.
Assign administrative privileges to operators using the Admin panel
1. Log in to the Admin panel as admin, see Connect to the Admin panel.
2. From the Configuration menu, select Security. The Security configuration page opens.
3. Under Additional operator privileges, check options to assign those administrator privileges to operators,
and then click Apply.
Configure LDAP user authentication
You can use the Lightweight Directory Access Protocol (LDAP) to authenticate users. Specify user roles by using
group DNs for users who log in as an Administrator, Operator, or as a Viewer.
The system has only one admin user and one operator. LDAP users must log in as either an admin or an
operator and do not have their own private profiles. Any LDAP users with the name admin, operator, or viewer
are ignored and the local accounts are used instead.
When enabled, LDAP authentication is an alternative to the regular system user names and passwords. You
may still log in as admin, operator, or viewer using the passwords for those accounts.
LDAP replaces the local viewer account instead of working side-by-side with it when LDAP is
enabled and the viewer account has no password (either there is no global viewer password
configured or the channel overrides the global password with a blank password). In this case, the
viewer must authenticate with LDAP and cannot use the default viewer account with a blank
password to log in.
For security reasons, you should configure passwords for the local accounts.
These instructions assume you have a pre-configured LDAP server. The server must support anonymous
binding or have a special bind account with search access privileges. Note that Active Directory does not support
anonymous binding. LDAP referrals, restrictions and failovers are not supported.
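The login precedence described above, modelled as an added example (this is not Epiphan code or a device API). `AuthConfig`, `login_backend`, `audit` and the sample values are constructed for illustration, and exact user-name matching is an assumption.

```python
from dataclasses import dataclass, field
from typing import Optional

RESERVED = ("admin", "operator", "viewer")  # local names; same-named LDAP users are ignored


@dataclass
class AuthConfig:
    """Constructed model of the settings described above, not a device API."""
    ldap_enabled: bool
    admin_password: str = ""
    operator_password: str = ""
    global_viewer_password: str = ""
    # channel name -> viewer password override ("" = overridden with a blank password)
    channel_viewer_overrides: dict = field(default_factory=dict)

    def viewer_password(self, channel: Optional[str] = None) -> str:
        """Effective viewer password: a channel override wins over the global one."""
        return self.channel_viewer_overrides.get(channel, self.global_viewer_password)


def login_backend(cfg: AuthConfig, username: str, channel: Optional[str] = None) -> str:
    """Which credential store decides a login attempt for this user name."""
    if username == "viewer" and cfg.ldap_enabled and not cfg.viewer_password(channel):
        return "ldap-required"  # blank local viewer account is replaced by LDAP
    if username in RESERVED:
        return "local"  # checked against the local password, never against LDAP
    return "ldap" if cfg.ldap_enabled else "rejected"  # no other local accounts exist


def audit(cfg: AuthConfig) -> list:
    """List local-account password gaps the page recommends closing."""
    findings = []
    for name, pw in (("admin", cfg.admin_password), ("operator", cfg.operator_password)):
        if not pw:
            findings.append(f"local {name} account has no password")
    for channel in (None, *cfg.channel_viewer_overrides):
        if not cfg.viewer_password(channel):
            scope = f"channel {channel!r}" if channel else "global setting"
            # Assumption: without LDAP, a blank viewer password permits viewer login.
            effect = "viewers must use LDAP" if cfg.ldap_enabled else "blank viewer login"
            findings.append(f"viewer password blank ({scope}): {effect}")
    return findings


if __name__ == "__main__":
    # Constructed sample: LDAP on, operator password unset, one channel blanks the viewer password.
    cfg = AuthConfig(True, admin_password="s3t", global_viewer_password="view",
                     channel_viewer_overrides={"Lecture": ""})
    print(login_backend(cfg, "viewer", "Lecture"), audit(cfg))
```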
Configure LDAP authentication using the Admin panel
1. Log in to the Admin panel as admin, see Connect to the Admin panel.