Skip to main content
Version: 4.2

Access Control

Access Control enables the administrator to enforce authentication and authorization in the web interface. Users can be given roles which possess different capabilities, controlled by an administrator.

Preparations of the user directory

The DD1000i supports integration with both Microsoft Active Directory and OpenLDAP servers. If any other user directory is to be used, please contact Advenica Customer Services. The affected users must be given memberships in the chosen groups. These groups will then be referred to in the DD Manager for authorization. The following is required of the user directory setup:

  • The user directory must be set up with TLS v1.3 encrypted sessions.
  • The user directory must be configured to return the memberOf attribute for each user.

Local admin

The connection between the DD Manager and the user directory is configured in the Local admin.

Configure groups

Which capabilities each user group possess is configured from the DD Manager by an administrator.

info

Cookies must be enabled in the DD Manager browser when using Access Control.

Capabilities

A capability is a predefined collection of actions within the DD Manager. Capabilities are given to user groups via the DD Manager. Users are added to user groups in the user directory. The following capabilities are available:

Observe:

  • Observe all information.

Configure:

  • Configure features and services.
  • Start & stop services.

Administer:

  • Add and delete services to the DD Manager.
  • Upgrade firmware.
  • Add, edit and delete user groups.
info

A group with Administer or Configure capabilities, also require the Observe capability.

Initial login to the DD Manager

  1. Navigate to the Local Manager, see Configure.
  2. Log in to the DD Manager as an administrator, user must be a member of the Admin Group previously configured in Local admin.

View your user and group access

  1. Select in the navigation bar to view you user data.

View groups

  1. Select in the navigation bar to view currently configured groups.

Add group

  1. Click + Add to add a new group.
  1. Provide a group name and choose capabilities.
info

The group name must correlate to a group defined in the user directory.

  1. Click Submit to save group.

Edit group

  1. In the group table, click the to edit an existing group.
  1. Provide a group name and choose capabilities.
info

The group name must correlate to a group defined in the user directory.

  1. Click Submit to save group.

Delete group

  1. In the group table, click the to delete a group.
  1. Click Yes, delete to delete group.
Loading...