Adding a user in the Sentinel system creates an application user who can then log in to Sentinel. You also assign roles when you create the user.
From, click .
Clickin the section.
Specify the name and email address of the user.
The fields with an asterisk (*) are mandatory, and the user name must be unique.
A user name cannot exceed 30 characters, and you can use extended characters when you create it.
Select a role for the user.
Select the authentication type:
Local: Select this option for the server to authenticate the user login against the internal database. By default, the Local option is selected.
Directory: The Directory option is enabled only if you have configured the Sentinel server for LDAP authentication. Select this option for the server to authenticate the user login against an LDAP directory.
If you selected Yes for Anonymous Search: The user name must be the same as the LDAP directory user name.
If you selected No for Anonymous Search and did not specify the domain name: The user name does not need to be the same as the LDAP directory user name.
You must also specify the. If Base DN was set, the Base DN is appended to the relative user DN to construct the absolute user DN.
For example, if the Base DN was set to o=netiq and the absolute user DN is cn=sentinel_ldap_user,o=netiq, only the relative user DN (for example, cn=sentinel_ldap_user) can be specified.
When some reserved special characters are used as literals in an, they must be escaped with a backslash (\). The following characters must be escaped:
A space or '#' character occurring at the beginning of the string
A space character occurring at the end of the string
Any one of the characters ',', '+', '"', '\', '<', '>' or ';'
For more information, see LDAPv3 Distinguished Names.
For example, if the LDAP User DN contains a ',' (comma) as a literal, specify the LDAP User DN as follows:
eDirectory or Active Directory might require additional characters to be escaped. Refer to the eDirectory or Active Directory documentation for any additional characters to be escaped.
If you selected No for Anonymous Search and specified the domain name: The user name must be the same as the LDAP directory user name.
Specify a password in the field.
NOTE: For a local user password, ensure that the password adheres to the password complexity validation rules. For more information, see Configuring Password Complexity.
Re-enter the password in the field.
The, , , fields are optional. The phone number fields allow any format. Make sure you enter a valid phone number so that the user can be contacted directly.
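The escaping rules for the LDAP User DN listed above, and the Base DN being appended to a relative user DN, as an added example that is not part of the Sentinel documentation or product code. The function names and the sample value "Smith, John" are constructed for illustration; the splitter shows how an unescaped comma would be read as an extra DN component.

```python
# Added example (not Sentinel code): escape an LDAP User DN value
# using the rules listed in this procedure.
SPECIAL = set(',+"\\<>;')  # characters that must always be escaped


def escape_dn_value(value: str) -> str:
    """Backslash-escape one attribute value (the part after 'cn=')."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        leading = i == 0 and ch in " #"      # space or '#' at the start
        trailing = i == last and ch == " "   # space at the end
        out.append("\\" + ch if ch in SPECIAL or leading or trailing else ch)
    return "".join(out)


def absolute_user_dn(relative_dn: str, base_dn: str = "") -> str:
    """Model of the described behaviour: Base DN, if set, is appended."""
    return f"{relative_dn},{base_dn}" if base_dn else relative_dn


def split_rdns(dn: str) -> list:
    """Split a DN on unescaped commas, the way a DN parser separates components."""
    parts, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    parts.append("".join(current))
    return parts


if __name__ == "__main__":
    name = "Smith, John"  # constructed sample value containing a literal comma
    raw = absolute_user_dn("cn=" + name, "o=netiq")
    safe = absolute_user_dn("cn=" + escape_dn_value(name), "o=netiq")
    print(raw, "->", split_rdns(raw))    # literal comma misread as a separator
    print(safe, "->", split_rdns(safe))  # escaped comma stays inside the cn value
```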