Configuring Infranet Controller Sign-in Policies (NSM Procedure)

Sign-in policies define the URLs that users and administrators use to access the Infranet Controller and the sign-in pages that they see. The Infranet Controller has two types of sign-in policies—one for administrators and one for users. When configuring sign-in policies, you associate realms, sign-in pages, and URLs.

This topic contains the following information about sign-in policies:

Configuring Administrator Sign-In Policies

To define an administrator sign-in policies:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the Infranet Controller device for which you want to define the administrator sign-in policies.
  3. Click the Configuration tab. In the configuration tree, select Authentication > Signing In > Sign-in Policies > User/Administrator URLs.
  4. Add or modify the settings for the User/Administrator URLs as specified in Table 47.
  5. Click one:
    • OK—Saves the changes.
    • Cancel—Cancels the modifications.

Table 47: Administrator Sign–in Policies Configuration Details

Option

Function

Your Action

Sign-in URL

Specifies the URL that you want to associate with the policy.

Enter the URL. Use the format <host>/<path>, where <host> is the hostname of the Infranet Controller and <path> is any string you want users to enter. For example, enter:

users1.yourcompany.com/ic.

To specify multiple hosts, use the * wildcard character. To specify that all administrator URLs should use the sign-in page, enter */admin.

Note: You may only use wildcard characters (*) in the beginning of the hostname portion of the URL. The Infranet Controller does not recognize wildcards in the URL path.

Description

Specifies the description for the policy.

Enter a brief description for the administrator sign-in policy.

Enable

Enables the sign-in policy option.

Select this option.

Sign-in Page

Specifies the page that you want to associate with the sign-in policy.

Select the sign-in page.

User Type

Specifies the user type.

Select Administrator, and click Add to move the required Admin Realms from the Non-members list to the Members list.

Realm Select

Specifies which realm(s) map to the policy, and how users and administrators should pick from among realms.

  • Select User types the realm name for the Infranet Controller to map the sign-in policy to all authentication realms, but do not provide a list of realms from which the administrator can choose. Instead, the administrator must manually enter the realm name into the sign-in page.
  • Select User picks from a list of authentication realms for the Infranet Controller to map only the sign-in policy to the authentication realms that you choose. The Infranet Controller presents this list of realms when the administrator signs-in to the Infranet Controller and allows a realm to be chosen from the list.

    Note: The Infranet Controller does not display a drop-down list of authentication realms if the URL is only mapped to one realm. Instead, only the realm you specify is displayed.

Configuring User Sign-in Policies

To define user sign-in policies:

  1. In the NSM navigation tree, select Device Manager > Devices.
  2. Click the Device Tree tab, and then double-click the Infranet Controller device for which you want to define the user sign-in policies.
  3. Click the Configuration tab. In the configuration tree, select Authentication > Signing In > Sign-in Policies > User/Administrator URLs.
  4. Add or modify the settings for the User/Administrator URLs as specified in Table 48.
  5. Click one:
    • OK—Saves the changes.
    • Cancel—Cancels the modifications.

Table 48: User Sign–in Policies Configuration Details

Option

Function

Your Action

Sign-in URL

Specifies the URL that you want to associate with the policy.

Enter the URL.Use the format <host>/<path>, where <host> is the hostname of the Infranet Controller and <path> is any string you want users to enter. For example, enter:

users1.yourcompany.com/ic.

To specify multiple hosts, use the * wildcard character. To specify that all end–user URLs should use the sign-in page, enter */.

Description

Describes the user sign-in policies.

Enter a brief description for the user sign-in policies.

Enable

Enables the sign-in policy option.

Select this option.

Sign-in Page

Specifies the page that you want to associate with the sign–in policy.

Select the default page that comes with the Infranet Controller, a variation of the standard sign-in page, or a custom page that you create using the customizable UI feature. For more information, see “Configuring Standard Sign-In Pages.”

User Type

Specifies the user type.

Select User.

authentication-realms

Specifies the realm(s) that should be mapped to the sign-in policy.

  1. Click authentication-realms. The Authentication dialog box appears.
  2. Select the Realm and Authentication Protocol.
  3. Click OK.

User may specify the realm name as a username suffix

Allows non-UAC endpoints to access the Infranet Controller by entering their credentials in the format user@realm.

Select this option.

Remove realm suffix before passing to authentication server

Allows users who enter their credentials with a suffix to send the user name without the suffix. Most authentication servers are not compatible with a realm suffix or decorated username.

Select this option.

Related Documentation