The Management Server includes a credential management system that enables you to create, store, and manage credentials through the Foglight® browser interface.
Different cartridges support different types of credentials. Some cartridges, for example, support the use of Windows® and UNIX® credentials, while others can only authenticate local users. The credential type determines which parts of the monitored system are used to connect to a resource, such as host names or IP addresses. For complete information about cartridge-specific credential types, see your cartridge documentation.
For detailed information about managing credentials in Foglight, see “Controlling System Access with Credentials” in the Administration and Configuration Guide.
Foglight supports the following commonly used credential types:
• |
Challenge Response: Uses one or more challenge and response pairs to grant access without requiring any interaction in the browser interface. The answers are sent by the agent as part of the agent configuration. |
• |
Domain, User Name, and Password (Windows): Requires a user name and password to access a monitored resource. The domain name is optional. |
IMPORTANT: When specifying a domain name in this credential type, a fully qualified domain name is required. Failing to use a fully qualified domain name may prevent the Agent Manager from establishing a connection to a remote monitored resource. For example, if the full domain name is prod.example.com, use prod.example.com as the domain name instead of just prod, when configuring the credential. |
• |
DSA Key: Uses the Digital Signature Algorithm (DSA) Key for authentication. |
• |
RSA Key: Uses the RSA (Rivest, Shamir, and Adleman) Key for authentication. |
• |
Use Client’s Login At Connection Time: Uses the currently logged in user’s account to access secured resources. This is not the user currently logged into the Management Server, but the user under which the credential client is running. For example, a credential provided to an Agent Manager instance launched by a user on a remote machine, causes the connection to the secured resource to be made using this user’s identity. |
• |
User Name: Requires a user name to access a monitored resource. |
• |
User Name and Password: Requires a user name and password to access a monitored resource. |
For more information about creating and managing credentials, including detailed examples of configuring a credential, see “Exploring the Manage Credentials Dashboard” in the Foglight Administration and Configuration Guide.
2 |
On the navigation panel, click Dashboards > Administration > Credentials > Manage Lockboxes. |
3 |
On the Manage Lockboxes dashboard, in the row containing the lockbox that you want to release, click the Release to Credential Clients icon. |
4 |
In the Release Lockbox to Credential Clients dialog box, type the lockbox password (if one exists) and select one or more credential clients (that is, Agent Managers) for lockbox release. |
5 |
Click Release. |
6 |
Optional—ensure the Credential Clients column is populated. |
a |
Using the breadcrumb trail, return to the main Credentials dashboard, and navigate to the View Clients dashboard. |
b |
On the View Clients dashboard, ensure that the Show lockboxes currently assigned to each client check box is selected. |
c |
Return to the main Credentials dashboard. |
d |
Navigate to the Manage Lockboxes dashboard. |
e |
On the Manage Lockboxes dashboard, observe the Credential Clients column of the newly released lockbox entry. The column lists the credential clients to which the lockbox is assigned. |
© ALL RIGHTS RESERVED. 이용 약관 개인정보 보호정책 Cookie Preference Center