Tarantella Authentication
NT4 Authentication
First define the NT domain against which users are authenticated
1. Log in to Tarantella as the administrative user (either root or administrator)
2. Open Array Manager
3. Click Tarantella Login, Properties
4. Check the Login Authorities, NT login authority box
5. In the Windows NT Domain field, type the name of the domain to authenticate NT users against
The following command line needs to be executed to define the domain controller for the domain:
/opt/tarantella/bin/tarantella stop
/opt/tarantella/bin/tarantella config edit \
--com.sco.tta.server.login.ntauth.NTAuthService.properties-authConfig \
authnbt=NTNAME authserver=my.domain.name
Where:
authnbt should be set to the WINS name of the PDC, and
authserver should be set to the FQDN of the PDC.
An example specific to the NT4 NTDOM domain is shown below:
/opt/tarantella/bin/tarantella config edit \
--com.sco.tta.server.login.ntauth.NTAuthService.properties-authConfig \
authnbt=NTSRV authserver=ntsrv.jw.com
/opt/tarantella/bin/tarantella start
AD Authentication
1. Log in to Tarantella as the administrative user (either root or administrator)
2. In Array Manager, open Tarantella Login properties.
3. Check the LDAP Login Authority box, to enable authentication against an LDAP server.
The LDAP login authority searches the LDAP server, named in the appropriate fields, for matching users.
4. In URL, type the name of the LDAP server in URL form: in this example, ldap://melbourne.indigo-insurance.com.
o For LDAP servers listening on non-standard ports you can specify the port number, for example ldap://melbourne.indigo-insurance.com:5678.
o Normally, the LDAP login authority searches the entire LDAP server. You can restrict the search to part of the LDAP server by adding a search root to the end of the URL, for example dc=indigo-insurance,dc=com.
o If you want or need to use a secure connection to the LDAP server, use an ldaps:// URL, not an ldap:// URL. (For secure connections, additional components must be installed on each Tarantella server in the array: see Which LDAP servers are supported? for more information.)
5. Some LDAP servers allow unauthenticated searching, so you don't need to supply a username or password. Others, including Microsoft Active Directory, require the username and password of a sufficiently privileged user. In this example, the username might be cn=Bill Orange,cn=Users,dc=indigo-insurance,dc=com. You might want to create a special LDAP user reserved for allowing the Tarantella LDAP login authority to search your LDAP server's database.
6. Click Apply. Users may now be authenticated against the LDAP server.
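
The URL rules in step 4 and the search user in step 5 can be checked before the values are typed into Array Manager. The following Python sketch is an added example, not part of Tarantella or its documentation; review_ldap_authority is a hypothetical helper, and it assumes the search root is appended after a "/" as in standard LDAP URLs (RFC 4516) and that the login authority uses simple binds.

```python
from urllib.parse import urlsplit, unquote

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # IANA-registered LDAP ports

def review_ldap_authority(url, bind_dn=None):
    """Return (settings, findings) for an LDAP login authority URL.

    Hypothetical helper for this example; not part of Tarantella.
    Assumes the search root follows the host after a '/' (RFC 4516 form).
    """
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError(f"expected ldap:// or ldaps://, got {url!r}")
    if not parts.hostname:
        raise ValueError(f"no LDAP server named in {url!r}")
    port = parts.port or DEFAULT_PORTS[scheme]
    search_root = unquote(parts.path.lstrip("/")) or None
    settings = {"host": parts.hostname, "port": port,
                "tls": scheme == "ldaps", "search_root": search_root}
    findings = []
    if scheme == "ldap":
        # Assumption: simple binds, so passwords cross the wire unencrypted.
        findings.append("plaintext: user and search-account passwords "
                        "are exposed on the network; use ldaps://")
    other = "ldaps" if scheme == "ldap" else "ldap"
    if port == DEFAULT_PORTS[other]:
        findings.append(f"port-mismatch: {scheme}:// URL points at the "
                        f"default {other} port {port}")
    if search_root is None:
        findings.append("unscoped: the entire LDAP server is searched; "
                        "add a search root")
    if bind_dn is None:
        findings.append("anonymous: no search user given; Active "
                        "Directory requires one")
    return settings, findings

if __name__ == "__main__":
    # Constructed inputs built from the hostnames used in the steps above.
    for u, dn in [
        ("ldap://melbourne.indigo-insurance.com", None),
        ("ldaps://melbourne.indigo-insurance.com/dc=indigo-insurance,dc=com",
         "cn=Bill Orange,cn=Users,dc=indigo-insurance,dc=com"),
    ]:
        print(u, review_ldap_authority(u, dn))
```

An empty findings list means the URL uses ldaps://, carries a search root, and a search user has been supplied; it does not confirm that the server is reachable or that the account has the rights it needs.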