User Management
1001
SonicOS 5.8.1 Administrator Guide
Further Information on LDAP Schemas
• Microsoft Active Directory: Schema information is available at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/adschema/active_directory_schema.asp and http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ldap/ldap/ldap_reference.asp
• RFC2798 InetOrgPerson: Schema definition and development information is available at http://rfc.net/rfc2798.html
• RFC2307 Network Information Service: Schema definition and development information is available at http://rfc.net/rfc2307.html
• Samba SMB: Development information is available at http://us5.samba.org/samba/
• Novell eDirectory: LDAP integration information is available at http://www.novell.com/documentation/edir873/index.html?page=/documentation/edir873/edir873/data/h0000007.html
• User-defined schemas: See the documentation for your LDAP installation. You can also see general information on LDAP at http://rfc.net/rfc1777.html
One-Time Password
One-Time Password (OTP) is a two-factor authentication scheme that adds a system-generated random password to the standard user name and password credentials. Once a user submits the correct basic login credentials, the system generates a one-time password and sends it to the user's pre-defined email address. The user must retrieve the one-time password from their email and then enter it at the login screen.
Each one-time password is single-use. Whenever a user successfully enters a valid user name and password, any existing one-time password for that account is deleted, so only the most recently issued one-time password is valid. Unused one-time passwords time out according to the time-out value set on the Users > Settings > User Session Settings interface. Administrators can enable one-time password on a Local User or Local Group basis. To configure one-time password for Local Users, see "Adding Local Users" on page 1029; for Local Groups, see "Creating a Local Group" on page 1035.
The administrator account has its own checkbox for enabling OTP, which applies independently of any OTP setting on the groups the administrator belongs to. This checkbox is on the System > Administration > Administrator Name & Password interface.
To use one-time password, the appliance must have access to a correctly configured SMTP server, because the one-time password is delivered by email. If OTP is enabled for the administrator and the appliance cannot reach a correctly configured SMTP server, no user who needs an OTP (the administrator included) can log in through the web interface. In that case the administrator must log in through the serial console and disable their own OTP by entering the following commands (the prompt shown is for a SonicWALL NSA 3500 appliance; it varies by model):
NSA 3500> configure
(config[NSA 3500])> no web-management otp enable
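The login flow described in this section, as an added example that is not part of the SonicOS guide or of SonicWALL's own code: a small Python model of the OTP state machine with the behaviours the text specifies (an OTP is issued only after a correct password, is single-use, is invalidated by a fresh valid login, expires after the session time-out, and an OTP user cannot log in at all when mail cannot be sent). The class and result names (OtpLoginFlow, 'mail_failed' and so on), the sample accounts, the 300-second time-out and the 8-character alphanumeric OTP are assumptions for illustration; the page does not state the appliance's OTP format.

```python
import hmac
import secrets
import string
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Assumed for this example: the guide does not state the OTP length or alphabet.
OTP_ALPHABET = string.ascii_uppercase + string.digits
OTP_LENGTH = 8


@dataclass
class Account:
    username: str
    password: str       # constructed sample; a real system stores a password hash
    email: str          # the pre-defined address the OTP is mailed to
    otp_required: bool  # the per-user / per-group OTP checkbox


def _eq(a: str, b: str) -> bool:
    """Constant-time comparison, so a wrong guess leaks nothing through timing."""
    return hmac.compare_digest(a.encode(), b.encode())


class OtpLoginFlow:
    """Password check first, then a single-use OTP delivered by e-mail."""

    def __init__(self, accounts: List[Account], send_mail: Callable[[str, str], None],
                 timeout_seconds: float, clock: Callable[[], float] = time.time):
        self._accounts = {a.username: a for a in accounts}
        self._send_mail = send_mail      # raises OSError if the SMTP server is unreachable
        self._timeout = timeout_seconds  # the User Session Settings time-out value
        self._clock = clock
        self._pending: Dict[str, Tuple[str, float]] = {}  # username -> (otp, issued_at)

    def submit_credentials(self, username: str, password: str) -> str:
        """Step 1: returns 'denied', 'logged_in', 'otp_sent' or 'mail_failed'."""
        acct = self._accounts.get(username)
        if acct is None or not _eq(acct.password, password):
            return "denied"
        # A valid user name and password discards any outstanding OTP for the account.
        self._pending.pop(username, None)
        if not acct.otp_required:
            return "logged_in"
        otp = "".join(secrets.choice(OTP_ALPHABET) for _ in range(OTP_LENGTH))
        try:
            self._send_mail(acct.email, f"Your one-time password is {otp}")
        except OSError:
            return "mail_failed"  # nothing recorded: the login cannot be completed
        self._pending[username] = (otp, self._clock())
        return "otp_sent"

    def submit_otp(self, username: str, otp: str) -> str:
        """Step 2: returns 'logged_in', 'expired' or 'denied'."""
        pending = self._pending.get(username)
        if pending is None:
            return "denied"
        value, issued_at = pending
        if self._clock() - issued_at > self._timeout:
            del self._pending[username]
            return "expired"
        if not _eq(value, otp):
            return "denied"
        del self._pending[username]  # single use: replaying the same value is refused
        return "logged_in"


def run_demo() -> Dict[str, str]:
    """Walk through the cases in the text with a fake mailer and a fake clock."""
    sent: List[str] = []  # captured mail bodies (constructed; nothing leaves the process)
    now = [1000.0]
    accounts = [Account("admin", "s3cret!", "admin@example.com", otp_required=True),
                Account("bob", "hunter2", "bob@example.com", otp_required=False)]
    flow = OtpLoginFlow(accounts, lambda to, body: sent.append(body),
                        timeout_seconds=300, clock=lambda: now[0])

    def last_otp() -> str:  # what the user reads out of the newest e-mail
        return sent[-1].split()[-1]
    r: Dict[str, str] = {}
    r["no_otp_user"] = flow.submit_credentials("bob", "hunter2")
    r["step1"] = flow.submit_credentials("admin", "s3cret!")
    r["wrong_otp"] = flow.submit_otp("admin", "xxxxxxxx")  # lowercase is never generated
    r["right_otp"] = flow.submit_otp("admin", last_otp())
    r["replay"] = flow.submit_otp("admin", last_otp())
    flow.submit_credentials("admin", "s3cret!")
    stale = last_otp()
    flow.submit_credentials("admin", "s3cret!")  # a fresh valid login deletes the earlier OTP
    r["stale_after_relogin"] = flow.submit_otp("admin", stale)
    flow.submit_credentials("admin", "s3cret!")
    now[0] += 301  # past the 300-second time-out
    r["expired"] = flow.submit_otp("admin", last_otp())
    def unreachable(to: str, body: str) -> None:  # no correctly configured SMTP server
        raise OSError("SMTP server unreachable")
    outage = OtpLoginFlow(accounts, unreachable, timeout_seconds=300, clock=lambda: now[0])
    r["smtp_down"] = outage.submit_credentials("admin", "s3cret!")  # admin is locked out
    r["smtp_down_otp"] = outage.submit_otp("admin", "ANYTHING")
    return r
```

run_demo() returns the outcome of each case. The SMTP-outage case is the lockout the paragraph above warns about: the example deliberately records nothing when mail delivery fails rather than letting the user through on the password alone, which is why console access is the only way back in. The guide says nothing about a limit on OTP guesses; a real implementation would add one alongside the time-out.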