The Impero Host offers five different Guest Access Methods.
Tools>Program Options>Guest Access Security>Guest Access Privileges tab
Here you will find a drop-down to select your preferred method.
Grant all Guests default access privileges
This is the default setting that uses a single password and a single security role
Grant each Guest individual access privileges using Impero authentication
This allows for multiple, unique Guest users to be defined on the Host with a Username and Password. Those unique users can be granted individual, custom security roles.
Grant each Guest individual access privileges using Windows Security Management
If the Host computer is a member of a domain and can look up users and groups in that domain, access to the Host can be granted via domain users and groups. These users and groups can be added to custom security roles. If the Host is not part of a domain but rather a workgroup, access rights can be granted using local users and groups on the Host computer itself.
This method has the ability to support Windows credential passing from the logged in Windows user of the Guest when the Guest's Connection Properties>Log on tab has enabled the option to "Use current logon credentials for Windows Security authentication".
Grant each Guest individual access privileges using Directory Services
If the Guest users are in a domain where the Host computer is not a member, a Directory Services connection must be defined in Tools>Program Options>Directory Services. Once the D.S. definition is in place, domain users and groups can be added to custom security roles. This also allows for the support of users in multiple domains since the Host computer does not need to be a member.
Use Impero Security Server
Selecting this option requires the use of the Impero Security Server module. This expansion module allows the authentication of Guests to Hosts to be centralized. The Impero Security Server Guest access also offers support for Netop authentication, Windows authentication, and Directory Services authentication.
In addition, the Security Server can centralize the storage of the Netop activity logs.
Use Netop Portal access rights
This option employs access control provided by the Netop Portal. The Portal offers stand-alone user/group definitions and/or user/group definitions via ADFS to your corporate Active Directory. Users are authenticated and authorized using a role based system. For optimum security, the Portal authentication method offers Multi-Factor Authentication.
For details on setup and configuration of these options please refer to the Connect User Guide and Connect Administrators Guide.
Please sign in to leave a comment.