This section explains how to set up basic authentication for the following files on operation management clients.

• The launch HTML for the Admin Console

• The launch HTML for users (created using the User Definitions tab of the Admin Console window)

  Point

  • Before setting up basic authentication here, set up anonymous access as explained in "5.2.1 Microsoft(R) Internet Information Services" and "5.2.1.5 Directory security settings".

  Note

  When using basic authentication settings, the policy distribution function cannot be used.

Basic authentication settings are made in three steps: registering a user account with Windows, setting up access control to files, and making file security settings for Microsoft(R) Internet Information Services(IIS).

1. Registering a user account with Windows

   Register a user account for accessing the Admin Console launch HTML or a user launch HTML file.

   • The user that accesses the Admin Console can either be a newly created account or the account with Administrator privileges that is usually used.

   • No specifications need to be made if the account type (access permissions) for the account created here (for accessing the Admin Console or a user launch HTML file) is the same as the account that can allow read permissions for the file that is set up in Step 2 "Making access control settings to files" below.

     
     

   Register a user by running User Accounts from the Control Panel.

   Refer to the Windows Help for details on how to register users.

   
   

2. Setting up access control to files

   For Windows XP, select Folder Options from the Tools menu of Explorer, select the View tab, and then cancel the Use simple file sharing checkbox in the Advanced Settings section.

   Note

   Simple file sharing is enabled by default with Windows XP, but the change above means that simple file sharing cannot be performed. Make absolutely sure that this change will not affect how the system operates, by referring to the Help files for Windows(R) XP.

   
   

   Reference: Extract from the Help information for the Folder Options dialog box

   By using simple file sharing, folders can be shared with all of the members of the work group or network that you belong to, or user profile folders can be made private.

   
   

   1. Open the following folder using Explorer:

      operation management client installation folder\www

   2. Select either "AdminConsole.html" or "user name.html", and open the Properties window by clicking the right mouse button and then selecting Properties from the context menu that appears.

   3. Select the Security tab, and register users that are allowed to access the file in the Group or user name box. At this point, remove any registered users that should not be allowed to access the file.

   4. Allow at least Read permissions for users that are to be allowed to access the file

   5. Apply these definitions by clicking the OK button.

   
   

3. Making file security settings with IIS

   The method for making file security settings with IIS is as follows:

   1. Select the "SSQC" virtual directory name from the settings window for Microsoft(R) Internet Information Services.

   2. Select either "AdminConsole.html" or "user name.html" in the window area on the right-hand side, and open the Properties window by clicking the right mouse button and then selecting Properties from the context menu that appears.

   3. Select the File Security tab, and then click the Edit button under Anonymous access and authentication control.

   4. Cancel the Anonymous access checkbox and select the Basic authentication checkbox for Authenticated access. At this point, cancel the checkboxes for any other authentication methods that may have been selected.

   5. Apply these definitions by clicking the OK button.

      
      

   Set as follows for IIS 7.0/7.5.

   1. Select SSQC as the virtual directory name from the IIS settings window.

   2. Click Permissions in the function view.

   3. If the status of Basic Authentication is Disabled, right-click on Basic Authentication and select Enabled from the context menu.

      Note that if the Basic Authentication item does not appear, then Basic Authentication has not been installed.
      Go to Server Manager >> Web Server >> Add Role Services and check Security >> Basic Authentication. This installs Basic Authentication.

   4. Disable other authentications if they are enabled.

   5. When you open the console window, a window for entering a user name and password appears. Enter the name of a user with Administrator privileges.

      
      

This completes the settings for basic authentication.