Cisco Cisco Expressway Maintenance Manual
Field
Description
Usage tips
API access Select whether this account is allowed to access
the system's status and configuration using the
Application Programming Interface (API).
Application Programming Interface (API).
Default: Yes
This controls access to the XML and REST APIs by
systems such as Cisco TMS.
systems such as Cisco TMS.
State
Select whether the account is Enabled or
Disabled. Disabled accounts are not allowed to
access the system.
Disabled. Disabled accounts are not allowed to
access the system.
Your
current
password
current
password
Enter your own, current password here if the
system requires you to authorize a change.
system requires you to authorize a change.
To improve security, the system requires that
administrators enter their own passwords when
creating an account or changing a password.
administrators enter their own passwords when
creating an account or changing a password.
Viewing Active Administrator Sessions
The Active administrator sessions page (Users > Active administrator sessions) lists all administrator accounts
that are currently logged in to this Expressway.
that are currently logged in to this Expressway.
It displays details of their session including their login time, session type, IP address and port, and when they last
accessed this Expressway.
accessed this Expressway.
You can terminate active web sessions by selecting the required sessions and clicking Terminate session.
You may see many sessions listed on this page if a zero Session time out value is configured. This typically occurs if
an administrator ends their session by closing down their browser without first logging out of the Expressway.
an administrator ends their session by closing down their browser without first logging out of the Expressway.
Configuring Remote Account Authentication Using LDAP
The LDAP configuration page (Users > LDAP configuration) is used to configure an LDAP connection to a remote
directory service for administrator account authentication.
directory service for administrator account authentication.
The configurable options are:
Field
Description
Usage tips
Remote account authentication: this section allows you to enable or disable the use of LDAP for remote account
authentication.
authentication.
Administrator
authentication
source
authentication
source
Defines where administrator login credentials are
authenticated.
authenticated.
Local only: credentials are verified against a local
database stored on the system.
database stored on the system.
Remote only: credentials are verified against an
external credentials directory.
external credentials directory.
Both: credentials are verified first against a local
database stored on the system, and then if no
matching account is found the external credentials
directory is used instead.
database stored on the system, and then if no
matching account is found the external credentials
directory is used instead.
The default is Local only.
Both allows you to continue to use
locally-defined accounts. This is useful
while troubleshooting any connection or
authorization issues with the LDAP server.
locally-defined accounts. This is useful
while troubleshooting any connection or
authorization issues with the LDAP server.
You cannot log in using a locally-
configured administrator account,
including the default admin account, if
Remote only authentication is in use.
Note: do not use Remote only if
Expressway is managed by Cisco TMS.
configured administrator account,
including the default admin account, if
Remote only authentication is in use.
Note: do not use Remote only if
Expressway is managed by Cisco TMS.
LDAP server configuration: this section specifies the connection details to the LDAP server.
172
Cisco Expressway Administrator Guide