Security providers: enable LDAP, RADIUS, Kerberos, SCIM, and SAML2 logins
Users & Security
Security Providers
Security providers
You can configure your BeyondTrust Appliance B Series to authenticate users against existing LDAP, RADIUS, SCIM, SAML2, or Kerberos servers, as well as to assign privileges based on the preexisting hierarchy and group settings already specified in your servers. Kerberos enables single sign-on, while RSA and other two factor authentication mechanisms via RADIUS provide an additional level of security.
Add provider
From the Add dropdown, select LDAP, RADIUS, Kerberos, SCIM, or SAML2 to add a new security provider configuration.
Change order
Click this button to drag and drop security providers to set their priority. You can drag and drop servers within a cluster; clusters can be dragged and dropped as a whole. Click Save Order for prioritization changes to take effect.
Disable
Disable this security provider connection. This is useful for scheduled maintenance, when you want a server to be offline but not deleted.
Sync
Synchronize the users and groups associated with an external security provider. Synchronization occurs automatically once a day. Clicking this button forces a manual synchronization.
View log
View the status history for a security provider connection.
Duplicate node
Create a copy of an existing clustered security provider configuration. This will be added as a new node in the same cluster.
Upgrade to a cluster
Upgrade a security provider to a security provider cluster. To add more security providers to this cluster copy an existing node.
Copy
Create a copy of an existing security provider configuration. This will be added as a top-level security provider and not as part of a cluster.
Edit, delete
Modify an exiting object or remove an existing object.
If you edit the local security provider and select a default policy that does not have administrator permissions, a warning message appears. Ensure other users have administrator permissions before proceeding.