Authentication

The authentication summary screen displays credentials used to communicate with and manage devices.

This portlet displays credentials used in discovery and communication with network resources. The Name column identifies the set of credentials, Designated for EMS means it is available for all users, and Type indicates the protocol for that authentication.

Functions common to many menus, in addition to the Import / Export and Sharing, include the following actions are available in the right-click menu:

New / Edit -- Opens Authentication Editor, where you can create a new authentication or edit the selected authentication. You cannot change the Authentication Type when you edit an existing authentication.

Details -- Displays a reference tree, associated equipment, and the configuration created or altered in Authentication Editor.

Audit -- Opens an audit trail viewer for the selected authentication.

Delete -- Deletes the selected authentication. If it is in use, an error message appears saying that deletion is not allowed.

Import / Export -- Imports or exports authentications to your Open Manage Network Manager system.

Authentication Editor

You can right-click and select New or Open to create or modify credentials for your system. You can also Delete and Share with User from that right-click menu.

The fields that appear in this editor vary, depending on the type of authentication. The ID (name) for the authentication is mandatory. If you Add an existing authentication, for example to Discovery Profiles, you can also configure the Management Interface Parameters like Timeout, Retries, and Port used. If you have an authentication that works for multiple protocols (for example SSH or Telnet), you can also select the Protocol Type.

Discovery can fail because of network latency / timeout issues. Increasing the timeout or retries for Open Manage Network Manager authentications can circumvent that.

If you do not get access to the deepest level of authentication--for example the “enable” user’s--you cannot access all of Open Manage Network Manager’s functionality. Also: many devices require more than one authentication--for example SNMP and Telnet / SSH.

When attempting to access a device configured with SNMP v3, if you see an error message like unable to read device serial number for selected credential, discovery fails. This indicates the SNMP v3 credential is faulty. It must be at least eight characters long. Correct any problem with it, and discovery and other access should be available. Open Manage Network Manager’s SNMP v3 authentications support the following:

• No Auth - No Priv

• Auth with MD5 and SHA digests - No Priv

• Auth with MD5 and SHA digests - Priv with DES encryption

The standard for SNMP v3 passwords is eight characters or larger. Some devices may accept shorter passwords, but Open Manage Network Manager requires eight characters or longer.

Use the Equipment and User Groups tabs to associate the authentication you configure here to devices or groups of users.

Expanded Authentication Portlet

The Settings button in the expanded Authentication portlet lets you configure column appearance (see Show / Hide / Reorder Columns). This offers the same column setup as the summary screen.

Authentication Snap Panel

When you select a listed authentication the Reference Tree Snap Panel displays a tree of that authentication’s connections to Discovery profiles and equipment.