Authentication of Administrators

To connect to Dr.Web Server, administrator can authenticate by the following ways:

With storing administrative account information in the Dr.Web Server DB.

Using the common LDAP/AD settings that allow to connect to LDAP and Active Directory servers.

Via the RADIUS protocol.

Via PAM (for Dr.Web Servers running Unix-like OSs).

Via Active Directory (for Dr.Web Servers running Windows OS).

When updating Dr.Web Server from a previous version, authentication via the LDAP protocol may also be available if it was enabled in the previous version.

warning

After disabling LDAP authentication the corresponding section will be excluded from the Control Center settings.

The section is not provided during the initial installation of Dr.Web Server.

Authentication methods are used sequentially according to the following rules:

1.Authentication of administrator from the Dr.Web Server DB is always tried first.

2.The order of usage of authentication methods via the external systems depends on the order of their following in the settings, specified in the Control Center.

3.Authentication methods via the external systems are disabled by default.

To swap the usage of authentication methods

1.Select Administration in the main menu of the Control Center.

2.Select Authentication in the control menu.

3.In the opened window, list of authentications types is represented in the order of use. To change this order, drag and drop authentication methods in the list and place them in the necessary order of use the authentication.

4.To apply changes, you must restart Dr.Web Server.

warning

Administrative login must be unique.

Administrators are not allowed to connect via external authentication systems if an administrator with the same login already exists at Dr.Web Server.

 

After each saving of changes in the Authentication section, the backup copy of the previous version of the configuration file with administrators authentication parameters is saved automatically. Only 10 last copies are stored.

Files are placed in the same folder as the configuration file itself and named according to the following format:

<file_name>_<creation_time>

where <file_name> depends on authentication system: auth-ads.conf, auth-ldap.conf, auth-radius.conf, auth-pam.conf.

You can use created backup copies particularly to restore the configuration file if the Control Center interface is not available.