The following procedures explain how to use Zend Server's Simple and Extended authentication methods: changing and resetting passwords, switching authentication methods, and advanced procedures for working with Extended Authentication.
To better understand the procedures described in this topic, watch this video:
The following procedures explain how to change or reset user passwords.
The following procedure describes how to change user passwords from inside the Zend Server UI.
Note:
This procedure can only be performed when using Simple Authentication.
|
|
|
To change user passwords:
|
|
The following procedure describes how to reset a lost password from outside the Zend Server UI.
If you are using Extended Authentication, the procedure will also revert your authentication method back to Simple Authentication. Once you have accessed Zend Server with your new password, you can switch your authentication method. For more information, see Changing Authentication Methods below.
Note:
This procedure can only be performed by user 'admin'.
|
|
|
To reset your password: In IBM i:
|
If you are unable to change your password, refer to the Support Center for further information. |
The following procedures explain how to change your authentication method from Simple Authentication to Extended Authentication, and vise versa.
Simple authentication uses the internal authentication service provided with Zend Server, and is based on a username and password defined for each user. Extended Authentication allows users to authenticate with an external LDAP server.
Simple Authentication is the default authentication method in Zend Server. This procedure explains how to change to Extended Authentication.
Note:
This procedure can only be performed by user 'admin'.
Warning:
In case this procedure fails, you may find yourself unable to access Zend Server. If this occurs, change your password using an external utility. For more information, see Changing User Passwords Externally above.
|
|
|
To use Extended Authentication, and authenticate users with LDAP:
Important! Be sure to enter the LDAP group name that is to be assigned to administrators. It is highly recommended this group be assigned in your LDAP server before the change to extended authentication, so that you may log in again immediately.
Note: The format for the username DN information depends on the server type you selected in the previous step. If you selected "LDAP server", all DN information about the user must be specified. If you selected "Active Directory", only a username is required.
|
Warning: In case this procedure fails, you may find yourself unable to access Zend Server. If this occurs, change your password using an external utility. For more information, see Changing User Passwords Externally above. |
This procedure explains how to move back to Zend Server's default authentication method - Simple Authentication.
Note:
This procedure can only be performed by user 'admin'.
|
|
|
To use Simple Authentication:
|
|
Zend Server's Extended Authentication method allows administrators to assign a Zend Server user role (e.g., Developer) to an LDAP user group , awarding all users in the group all the associated user role permissions. This feature is especially useful for administrators with more than one remotely defined LDAP user groups, to whom he would like to assign different Zend Server user permissions.
In addition, administrators can assign an LDAP user group to an application managed by Zend Server, awarding all members of the group Zend Server DeveloperLimited user role permissions for the specified application.
Note:
For a breakdown of the differences between the various Zend Server user roles, see User Permissions.
An administrator has two defined LDAP user groups: 'rnd-us', consisting of two veteran developers and 'rnd-uk', consisting of six novice developers. The production environment includes two applications, 'oldApp' and 'newApp'. The administrator would like to:
Note:
This procedure can only be performed by user 'admin'.
|
|
|
To define role and application groups:
|
|
This procedure explains how to integrate Zend Server with an example customized authentication adapter. The provided example includes two CustomAuth adapters that return a successful result object for any input:
Warning!
This procedure requires that you view and access back-end application files which, in normal circumstances, should not be changed. For this reason, we highly recommend that you perform this task only if you clearly understand the supplied instructions.
|
|
|
To integrate with a customized authentication adapter:
[authentication] simple = false
[authentication] simple = false adapter = "CustomAuth\Adapter\AdapterWithGroups" |
|
|
|
|
Related Links: |
|
|
© 1999-2013 Zend Technologies, Ltd. All rights reserved.