Cisco Cisco Firepower Management Center 4000
48-27
FireSIGHT System User Guide
Chapter 48 Managing Users
Managing Authentication Objects
The connection to the server is encrypted using SSL and a certificate named
certificate.pem
is used
for the connection. In addition, connections to the server time out after 60 seconds because of the
Timeout
setting.
Because this server is a Microsoft Active Directory server, it uses the
sAMAccountName
attribute to store
user names rather than the
uid
attribute. Note that the configuration includes a
UI Access Attribute
of
sAMAccountName
. As a result, the FireSIGHT System checks the
sAMAccountName
attribute for each
object for matching user names when a user attempts to log into the FireSIGHT System.
In addition, a
Shell Access Attribute
of
sAMAccountName
causes each
sAMAccountName
attribute to be
checked for all objects in the directory for matches when a user logs into a shell account on the appliance.
This example also has group settings in place. The Maintenance User role is automatically assigned to
all members of the group with a
all members of the group with a
member
group attribute and the base domain name of
CN=SFmaintenance,
DC
=it,
DC
=example,
DC
=com
.