Understanding and changing login configuration (Xcalar admin only)
If you ran the Xcalar GUI Installer to install your Xcalar cluster, Xcalar Design authenticates users through the Lightweight Directory Access Protocol (LDAP) server, according to the LDAP information you provided during installation.
If you deployed a Xcalar cluster from Microsoft Azure Marketplace, for user authentication, you can use Azure Active Directory (Azure AD).
This topic describes how to change the user authentication method through the Login Configuration modal window in Xcalar Design.
Displaying the Login Configuration modal window
To display the Login Configuration modal window, follow these steps:
- Log in to Xcalar Design as the admin user.
- Click the Setup icon () in the Monitor.
- Click Login Configuration.
The rest of this topic discusses the tasks you can perform in the Login Configuration modal window. After you fill out the required information in the Login Configuration modal window, click CONFIRM & SAVE. Your changes take effect immediately.
Enabling or disabling an authentication method
In the Login Configuration modal window, you can enable or disable LDAP or Azure AD authentication.
Enabling or disabling LDAP authentication
You can disable LDAP if you want to use Azure AD for authentication.
If you enable LDAP in the Login Configuration modal window, you can configure the LDAP server by filling out the LDAP fields as you did when running the Xcalar GUI Installer.
Enabling or disabling Azure AD authentication
You can disable Azure AD if you want to use LDAP for authentication. Alternatively, you can enable both Azure AD and LDAP.
If you enable Azure AD, follow the on-screen instructions to fill out the TENANT and CLIENT ID fields in the Login Configuration modal window.
Regardless of the user authentication method, you must set up an admin user account in the directory services database before you can log in to Xcalar Design as an admin user. This user account, which you create during the Xcalar installation process, provides additional privileges, such as the privilege to access the Setup icon in the Monitor.
In addition, you can create a default admin user account, whose credentials are stored locally on your cluster. This account enables you to log in if for any reason both LDAP and Azure AD are not usable or are disabled. After logging in as the default admin user, you can enable an authentication method or reconfigure LDAP or Azure AD to resolve problems related to directory services.
Creating the default admin user account
To create the default admin user account, follow these steps:
- Click the check box for ENABLE DEFAULT ADMIN USER ACCOUNT.
Enter the following information:
- User name.
- User password, which must consist of at least one non-blank character.
- Email address.
- Click CONFIRM & SAVE.
Changing the default admin user account information
For an existing default admin user account, if you need to change the account information, follow these steps:
- If the default admin user account is not enabled, click the check box for ENABLE DEFAULT ADMIN USER ACCOUNT.
Change the user name, user password, or email address.NOTE: You can change the password without providing the existing password. This step is useful, for example, if you forget your password and want to reset it.
- Click CONFIRM & SAVE.