Local vs LDAP users

Once an LDAP authentication scheme is configured and running, most user access to a station comes from LDAP users. However, most configurations benefit from at least two regular station users that are not dependent upon LDAP server communications.

The two local users are:

  • A replacement user for the admin user. The name “admin” is commonly used and easy for hackers to guess. Creating a new local super user with a unique name and strong password is a simple way to improve overall system security.
  • A local service user you can reference in other remote stations when configuring the Client Connection properties under the remote station’s NiagaraStation device.

    In theory, an LDAP user could serve as a service user; however, this is not recommended. A local service user makes the initial configuration of a NiagaraNetwork more straightforward and provides immunity from station-to-station communication issues that might arise, for example, from LDAP password expiration rules or, in the unlikely event, from LDAP server problems.

     NOTE: Do not allow any person to log in to the station using this user account. A service user is only for Fox station-to-station communications.