Add Authorization Server / Edit Authorization Server Form

Toolbar

Fields

| Name | Data type | Description |
|---|---|---|
| Name | string | The unique name identifier for this authorization server connection. |
| Purpose | enum USER, IDENTITY, ENDPOINT_DEVICE | Defines what types of objects will be synchronized: Administrator accounts, Identities, or Endpoints. |
| DB type | enum LOCAL, EXTERNAL, REDIRECT, LDAP, GSUITE, SOCIAL_PORTAL, INTEGRATION_SERVER, RADIUS | The type of external database or authorization method being used. |
| URL | string | The host IP address or domain name of the authorization server. |
| Login | string | The service account name used to authenticate with the external authorization server. |
| Description | string | Additional description visible to all NACVIEW users. |
| Is enabled | boolean | Indicates whether the authorization server is active for synchronization and authentication. |
| DB driver | enum AuthorizationSeverDbDriverEnum | The database driver used to connect to the external authorization server. |
| DB name | string | The name of the external database to connect to. |
| Integration server | oneOf NestedIdentifier | The integration server used for endpoint synchronization. |
| Social portal type | enum AuthorizationServerSocialPortalTypeEnum | The type of social portal for identity synchronization (Facebook or Google). |
| Administration groups | array of entity preview | Administration groups that can manage this authorization server. |
Panels

Change/set password

| Name | Data type | Description |
|---|---|---|
| Password | string | The password for the service account used to authenticate with the authorization server. |
| Bearer token | string | Bearer token for API-based authorization servers. |
More options

| Name | Data type | Description |
|---|---|---|
| Synchronisation interval | enum SynchronizationIntervalEnum | The time interval between automatic synchronizations with the external server. |
| Synchronise incrementally | boolean | Enable to synchronize only changes since the last sync rather than full synchronization. |
| Radius auth type | enum AuthorizationServerRadiusAuthTypeEnum | The RADIUS server authentication type (PAP or CHAP). |
| Delete after synchronization | boolean | When enabled, objects deleted in the external server will be deactivated in NACVIEW. |
| LDAP service | oneOf NestedIdentifier | The LDAP service type for directory connections. |
| Base DN | string | The Distinguished Name for searching objects to synchronize in the directory. |
| Login type | enum AuthorizationServerLoginType | The type of login identifier used for authentication (e.g., email, account name, distinguished name). |
| Second login type | enum AuthorizationServerLoginType | An alternative login type that can also be used for authorization. |
| LDAP custom filter | string | Additional LDAP filter for object synchronization. |
| Follow referrals on | boolean | Enable to allow the system to follow LDAP referrals to other servers. |
| Editable external data | boolean | Allow editing of data synchronized from external sources in NACVIEW. |
| Synchronise organizational unit | boolean | Enable synchronization of organizational units from the external server. |
| Delete organizational unit after synchronization | boolean | When enabled, organizational units deleted in the external server will be deactivated. |
| LDAP organizational units custom filter | string | Additional LDAP filter for organizational unit synchronization. |
| Custom 1 | string | Custom attribute mapping field 1 for identity synchronization. |
| Custom 2 | string | Custom attribute mapping field 2 for identity synchronization. |
| Custom 3 | string | Custom attribute mapping field 3 for identity synchronization. |
| Custom 4 | string | Custom attribute mapping field 4 for identity synchronization. |
| MAC address attribute | string | The LDAP attribute containing MAC address information for endpoints. |
| External TACACS password | boolean | Use external TACACS server password for administrator authentication. |
| Password hash type | enum PasswordHashType | The type of password hashing used by the external authorization server. |
| Notification channels | array of entity preview | Channels to receive notifications about synchronization events. |
| Generate password | boolean | Generate local passwords for objects synchronized from external databases. |
| PKI auto-generate | boolean | Automatically generate PKI certificates for synchronized identities or endpoints. |
| Send PKI | boolean | Automatically send PKI certificates via email to synchronized objects. |
| Automatic WiFi notify | boolean | Send WiFi credentials automatically to new synchronized identities. |
| Synchronize system node | oneOf NestedIdentifier | Synchronize system node configuration with this authorization server. |
| Remove object time | enum RemoveObjectTimeEnum | Time period after which deleted objects are removed from NACVIEW. |
| Certificate file | string | Certificate file for SSL/TLS connections to the authorization server. |
| Certificate key | string | Private key file for SSL/TLS connections to the authorization server. |
| Default param for access groups | array of entity preview | Default administration group assigned to synchronized objects. |
| Default param for object groups | array of entity preview | Default object group assigned to synchronized objects. |
| Default endpoint device parameters | array of entity preview | Default device parameters assigned to synchronized endpoints. |
| Default endpoint device type | enum EndpointType | Default device type assigned to synchronized endpoints. |