Configuring EAServer roles  Configuring OS user and group authorization

Chapter 13: Security Configuration Tasks

Configuring OS authentication

To enable OS authentication on EAServer:

  1. From EAServer Manager, double-click the server you want to configure.

  2. Select File | Properties.

  3. Select the Security tab.

    Enable OS Authentication – if selected, this option maps EAServer client users to operating system user names and passwords. You must supply a user name and password that is valid for the machine where the EAServer is running. For example, for UNIX, you would use network information service (NIS) passwords, and for Windows, you would use your Windows domain password. Windows users can provide a domain name as part of their user name; for example, \\domain_name\username.

    For Windows, Active Directory Services style accounts are supported. The format of Active Directory Service (ADS) accounts is username@domain. For example, username@sybase.com.

    To use OS authentication on Windows, the user who runs EAServer must be included in the “Administrators” group on your Windows machine.

StepsEnabling OS authentication on UNIX

  1. Select the Enable OS Authentication option on the Security tab.

StepsEnabling OS authentication on Windows 2000

  1. Select Start | Settings | Control Panel.

  2. Double-click Administrative Tools.

  3. Double-click Local Security Settings.

  4. In the left pane, click Local Policies.

  5. Select and open User Rights Assignment.

  6. Double-click Act as Part of the Operating System.

  7. Click Add in the new pop-up window to add the desired users. This provides the required privileges to EAServer to authenticate a user by querying the underlying operating system.

  8. Log out, then log back in to your Windows 2000 system to enable authentication.

  9. From EAServer Manager, select Enable OS Authentication on the Server Properties Security tab.

StepsEnabling OS authentication on Windows XP

  1. Select Start | Settings | Control Panel.

  2. Double-click Administrative Tools.

  3. Double-click Local Security Policy.

  4. Expand the Local Policies folder, then select User Rights Assignment.

  5. Double-click Act as Part of the Operating System.

  6. In the new dialog box, click Add User or Group to add users.

  7. In the Select Users or Groups dialog box:

    1. Click Object Types, and select Users.

    2. Click Locations, and select the network domain.

    3. Enter the user names that are authorized to start, shutdown, and refresh EAServer.

    This provides the required privileges to EAServer to authenticate a user by querying the underlying operating system.

  8. Log out, then log back in to your Windows XP system to enable authentication.

  9. From EAServer Manager, select Enable OS Authentication on the Server Properties Security tab.

  10. Restart EAServer.

NoteThe password for the jagadmin account is always defined in EAServer Manager. Even if jagadmin is defined as an OS user name and OS authentication is enabled, the password defined in EAServer Manager is required to log in as jagadmin.





Copyright © 2005. Sybase Inc. All rights reserved. Configuring OS user and group authorization