RBAC can be configured through Omnipeek Windows by right clicking the desired capture engine in the engine list and clicking the “Configure Engine…” menu option.
Security Tab
From there, you can navigate to the “Security” tab and edit the third-party authentication:
For Active Directory authentication servers, the edit dialog should work the same as before, and the “Test Connection” button should work the same as before. The only change will be in the dialog that comes up when the user clicks the “Test User” button. The dialog will look a bit more spacious as we need to include a password field for TACACS+, but not for Active Directory so the user will just see some blank space. The user will not need a password to test the user for Active Directory. Note: This “Test User” button will not be visible for TACACS+ for capture engines below v25.1.
For TACACS+ authentication servers, the edit dialog will now include a “Test User” button. Upon clicking this button, a dialog will appear allowing the user to type in a username and password to test the user existence. No “Test Connection” button will be present as in Active Directory.
The user will see either a success or failure message after clicking the “Test User” button.
Access Control Tab
In the “Access Control” tab, the only changes are in the dialog that appears from clicking the “Edit Groups…” button.
The “Users” button has been removed from this dialog. The “Validate” button now will only be enabled if there is at least 1 Active Directory or TACACS+ authentication server in use.
Upon clicking the “Validate” button when a single group is selected in the “Groups” table, a dialog will appear asking the user to type in a username and password, however the password is only necessary if the group in question is a TACACS+ group, as indicated by the dialog prompt.
The user will see either a success or failure message after clicking the “Test User” button.
If there is at least one group specified, the user will be unable to apply changes to the role-based ACL unless third- party authentication is enabled and at least 1 Active Directory or TACACS+ authentication server is provided and in use.
LiveWire Omnipeek
RBAC can be configured through Omnipeek Web by clicking the “Configure Engine” button in the Home view.
Security Section
From there, you can navigate to the “Security” section and edit the third-party authentication:
For Active Directory authentication servers, the edit dialog should work the same as before.
For TACACS+ authentication servers, the edit dialog will now include a “Test User” button. Upon clicking this button, a dialog will appear allowing the user to type in a username and password to test the user existence. No “Test Connection” button will be present as in Active Directory. Note: This “Test User” button will not be visible for capture engines below v25.1.
The user will see either a success or failure message after clicking the “Test User” button.
Access Control Section
In the “Access Control” section, the only changes are in the dialog that appears from clicking the gear icon in the “Groups” row.
The “Users” button has been removed from the group rows in the “Groups” table. The “Validate” button now will only be enabled if there is at least 1 Active Directory or TACACS+ authentication server in use.
Upon clicking the “Validate” button for a group in the “Groups” table, a dialog will appear asking the user to type in a username and password, however the password is only necessary if the group in question is a TACACS+ group, as
indicated by the dialog prompt. If the group is an Active Directory group, the user can ignore the password field as it is not mandatory.
The user will see either a success or failure message after clicking the “Test User” button.
If there is at least 1 group specified, the user will be unable to apply changes to the role-based ACL unless third- party authentication is enabled and at least 1 Active Directory or TACACS+ authentication server is provided and in use.