Documentation forSecurity Event Manager

SEM 2021.2: Authentication

SEM 2021.2 simplifies and improves Single Sign On (SSO) configuration and Local User authentication, consolidating these in the Authentication section of Settings.

To view the Authentication section, click and select Authentication.

The Authentication section of the settings provides the following tabs:

Login Options

The tab enables the administrator to determine whether SEM can be accessed by LDAP credentials, local user credentials or users created in SEM (see Adding and managing SEM users) or a combination of these.

Local Users

The Local Users tab enables you to specify the minimum length of local user passwords and whether you want to use non-complex or complex passwords.

  • A non-complex password can be between 6 and 512 characters in length
  • A complex password can be between 8 and 512 characters in length and must:
    • not contain the username
    • not contain unprintable characters
    • And must include at least 3 of the following:
      • one uppercase letter
      • one lowercase letter
      • one special character
      • one digit

LDAP Configuration

The LDAP configuration tab has not changed since the 2020.4 release. See Configure LDAP for SEM in the SEM Administrator Guide for further information.

SSO Configuration

The SSO tab replaces the previous SSO configuration form. All existing SSO configurations are displayed here. There are no changes to SSO authentication.

Create a SSO

To create a new single sign on, click Create configuration to display the Create SSO Configuration window.

  1. Enter the Service Principle Name (SPN).
  2. Click Browse, and then select the keytab file.

    See Generate a keytab file using Ktpass for further information.

  3. Click Save.

Your keytab file is uploaded to SEM. If you are logged in as a local user, SEM logs you out of the Admin user interface.

This SSO is now configured on SEM.

Edit or delete a SSO

To edit or delete a SSO, click the three vertical dots after the SSO name and click Edit or Delete.

For complete information on Single Sign On in SEM, see Set up single sign-on in SEM in the SEM Administrator guide.