Authentication and Authorization
Authentication to the XTENDISE is based on username and password verified against the Active Directory domain. The active directory domain is configured during the initial configuration process. This means the Administrator is prompted by a web brower to enter the valid credentials. If the Administrator's computer is joint to the domain it can utilizes Single Sign On for transparent authentication.
Authorization to the application is a separate step from the Authentication and is based on Active Directory Group Membership. The user has to be in the configured groups in Active Directory to be allowed into the application. The groups are configured during the initial configuration Here. You can use an existing groups or create a new groups.
- Administrator role - Has a full access to the application with no limitation. Administrator can also configure the application.
- User role - Can use the application, but cannot configure any setting. Users can be limited which Endpoint Group can add MAC addresses into.
- It is common that Administrators with Super Admin priviledges in ISE has also Administrator priviledges in XTENDISE, thus the same group can be used for authorization.
- There is no need to create new groups for Users either. You can reuse any existing groups in Active Directory for example group for you helpdesk employees. If no such group exists, create a new group and put Users into the group.