9.1 Securing the Administration Console

When you look for ways to secure the Administration Console from unauthorized access, consider the following:

Admin User: The admin user you create when you install the Administration Console has all rights to the Access Manager components. We recommend that you protect this account by configuring the following features:

  • Password Restrictions: When the admin user is created, no password restrictions are set. To ensure that the password meets your minimum security requirements, you should configure the standard eDirectory password restrictions for this account. In the Administration Console, select the Roles and Tasks view in the iManager header, then click Users. Browse to the admin user (found in the novell container), then click Restrictions. For configuration help, use the Help button.

  • Intruder Detection: The admin user is created in the novell container. You should set up an intruder detection policy for this container. In the Administration Console, select the Roles and Tasks view in the iManager header, then click Directory Administration > Modify Object. Select novell, then click OK. Click Intruder Detection. For configuration help, use the Help button.

  • Multiple Administrator Accounts: Only one admin user is created when you install Access Manager. If the person who knows this user name and password becomes unavailable, or forgets the password, you cannot access the Administration Console. Novell recommends that you create at least one backup user and make that user security equivalent to the admin user. For instructions, see Creating Multiple Admin Accounts. For other considerations when you have multiple administrators, see Managing Administrators.

Network Configuration: You need to protect the Administration Console from Internet attacks. It should be installed behind your firewall.

Delegated Administrators: If you create delegated administrators for policy containers (see Managing Delegated Administrators), be aware that they have sufficient rights to implement a cross-site scripting attack using the Deny Message in an Access Gateway Authorization policy.

They are also granted rights to the LDAP server, which gives them sufficient rights to access the configuration datastore with an LDAP browser. Modifications done with an LDAP browser are not logged by Access Manager. To enable the auditing of these events, see Activating eDirectory Auditing for LDAP Events.

Test Certificates: When you install the Administration Console, the following test certificates are automatically generated:

  • test-signing
  • test-encryption
  • test-connector
  • test-provider
  • test-consumer
  • test-stunnel

For strong security, we recommend that you replace these certificates, except the test-stunnel certificate, with certificates from a well-known certificate authority.

Ten years after you install the Administration Console, new versions of these certificates are automatically generated as the old certificates expire. If you are using any of the test certificates in your configuration, the Administration Console cannot use the new version until you reboot the machine.
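As an added example, not part of the Access Manager documentation, the following Go audit applies the two points above to a certificate inventory: it flags every auto-generated test-* certificate other than test-stunnel for replacement, and flags any test certificate close to its ten-year expiry so that the post-renewal reboot can be planned. Because the page does not say where the console stores these certificates, the inventory is modelled with constructed self-signed certificates built by the hypothetical helper selfSigned.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"strings"
	"time"
)

// selfSigned is a constructed stand-in for one auto-generated test certificate: self-signed, CN = name, valid ten years.
func selfSigned(name string, installed time.Time) *x509.Certificate {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    installed,
		NotAfter:     installed.AddDate(10, 0, 0),
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	cert, _ := x509.ParseCertificate(der)
	return cert
}

// AuditCerts returns one finding per issue: a test-* certificate other than
// test-stunnel should be replaced by a CA-issued one, and a test certificate
// within warnDays of expiry needs a reboot scheduled after auto-renewal.
func AuditCerts(certs []*x509.Certificate, now time.Time, warnDays int) []string {
	var out []string
	for _, c := range certs {
		cn := c.Subject.CommonName
		if !strings.HasPrefix(cn, "test-") {
			continue // not one of the auto-generated test certificates
		}
		if cn != "test-stunnel" {
			out = append(out, cn+": replace with a CA-issued certificate")
		}
		if c.NotAfter.Sub(now) < time.Duration(warnDays)*24*time.Hour {
			out = append(out, cn+": expires soon, reboot after auto-renewal")
		}
	}
	return out
}
```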