This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Authentication - EOC 2.1

Hey jblankjblank​,

In the old EOC there was an option under the Manage SolarWinds Servers to 'Import Active Directory Accounts from this SolarWinds Server into EOC'.
Is that hidden somewhere in the EOC v2.1?

Here is our over arching problem:
Our Users are able to log into the EOC with their AD Creds, but if they click on anything that takes them to a Regional Server, it logs them in as the EOC Account, not their AD.
We've been testing the "Use Custom Credentials' but it seems that Every User must get to 'Manage Servers' and input their own creds when they log into the EOC. That's just not convenient for a larger company. Am I missing a setting here somewhere to pass the individual log in info?

Thanks!

Parents
  • Hi there! jblankjblank​ has moved on to a new challenge at SolarWinds.  I'm handling EOC now.

    Unfortunately there is not an option in EOC 2.1 to import Active Directory accounts from Orion instances.  You're correct that pass through today requires going through Manage Servers.

    If you could wave a magic wand and have this work however you would like, how would it work?

  • Hey Chris (cobrien​)!

    What is "Manage Servers"?  Is this part of the EOC settings configuration?  Are you referring to "Manage SolarWinds Sites"?

    I am using EOC in an environment that uses 2FA (CAC) for authentication.  There is no way to specify a username and password for each user in EOC that would be used in a drill-down to the SolarWinds content site.  We are already authenticating EOC access using group account management, just as we are with the Orion sites.  This works well and I can see the user and their granted access group in the title bar.  However, when the user selects an event or object to get more details and they are sent to the SolarWinds site, they are connected using the designated default account in the site properties of EOC.  I do not want to grant elevated access to an account that already violates the security practices (2FA) in our environment.

    Is it possible to pass through the current session credentials to the drill-down SolarWinds site?  Are there impersonation issues preventing this redirection?

    I agree with rfackrell​, importing the credential sets from the Orion instances is not necessary and, in the scenario presented here, doesn't seem to make a difference during drill down.

    Thank you for any guidance!

Reply
  • Hey Chris (cobrien​)!

    What is "Manage Servers"?  Is this part of the EOC settings configuration?  Are you referring to "Manage SolarWinds Sites"?

    I am using EOC in an environment that uses 2FA (CAC) for authentication.  There is no way to specify a username and password for each user in EOC that would be used in a drill-down to the SolarWinds content site.  We are already authenticating EOC access using group account management, just as we are with the Orion sites.  This works well and I can see the user and their granted access group in the title bar.  However, when the user selects an event or object to get more details and they are sent to the SolarWinds site, they are connected using the designated default account in the site properties of EOC.  I do not want to grant elevated access to an account that already violates the security practices (2FA) in our environment.

    Is it possible to pass through the current session credentials to the drill-down SolarWinds site?  Are there impersonation issues preventing this redirection?

    I agree with rfackrell​, importing the credential sets from the Orion instances is not necessary and, in the scenario presented here, doesn't seem to make a difference during drill down.

    Thank you for any guidance!

Children