Security providers: enable LDAP, RADIUS, Kerberos, SCIM, and SAML2 logins

Users & Security

Security Providers

Security providers

You can configure your BeyondTrust Appliance B Series to authenticate users against existing LDAP, RADIUS, SCIM, SAML2, or Kerberos servers, as well as to assign privileges based on the preexisting hierarchy and group settings already specified in your servers. Kerberos enables single sign-on, while RSA and other two factor authentication mechanisms via RADIUS provide an additional level of security.

Add provider

From the Add dropdown, select LDAP, RADIUS, Kerberos, SCIM, or SAML2 to add a new security provider configuration.

Change order

Click this button to drag and drop security providers to set their priority. You can drag and drop servers within a cluster; clusters can be dragged and dropped as a whole. Click Save Order for prioritization changes to take effect.

Disable

Disable this security provider connection. This is useful for scheduled maintenance, when you want a server to be offline but not deleted.

Sync

Synchronize the users and groups associated with an external security provider. Synchronization occurs automatically once a day. Clicking this button forces a manual synchronization.

View log

View the status history for a security provider connection.

Duplicate node

Create a copy of an existing clustered security provider configuration. This will be added as a new node in the same cluster.

Upgrade to a cluster

Upgrade a security provider to a security provider cluster. To add more security providers to this cluster copy an existing node.

Copy

Create a copy of an existing security provider configuration. This will be added as a top-level security provider and not as part of a cluster.

Edit, delete

Modify an exiting object or remove an existing object.

If you edit the local security provider and select a default policy that does not have administrator permissions, a warning message appears. Ensure other users have administrator permissions before proceeding.