It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Map Admins from User Groups of External Authentication Schemes

  • Last updated on

To grant a user administrative access to a Control Center or to a CC managed box, an individual administrator account must be created for every dedicated person. However, if such a user is also part of a group that is handled by external authentication services, the respective accounts must be multi-managed. To avoid this drawback, it is possible to grant administrative access to a Control Center based on user groups from external authentication systems, without the need to explicitly configure an administrator account on the Control Center or on the CC managed box.

Users that gain administrative access via mapping from external authentication services cannot log into the Control Center via SSH. In addition, there is also no allow list or block list in the group filtering.

Before You Begin

Log into your CC on box level to enable external authentication services. For more information, see Authentication.

Step 1. Create a Template to Map the Login Information from External Authentication Services to Your Control Center

For mapping the login information, first create a CC Admin user for an external authentication. For this, execute the following steps in the article How to Configure Administrative Profiles:

  1. Step 1. Add a Control Center Administrator
  2. Step 2a. Configure External Authentication Settings

Step 2. Map the Account of the External Administrator

  1. Go to CONFIGURATION > Multi-Range > Global Settings > Administrative Roles.
  2. In the left navigation bar, click External Admins.
  3. Click Lock.
  4. From the Enable External Admins list, select Yes.
  5. From Authentication Scheme, select the authentication scheme where the external admin is registered in.
  6. Deselect the Other check box.
  7. Click + to enter an entry to the Definitions table. The Definitions window opens.
    conf_external_admin_01.png
  8. Enter the Name for the definition.
  9. From the Admin template name list, select the entry that refers to your mapping information in Step 1. E.g., MapAdmins.
  10. Deselect the Other check box.
  11. In the Ext. Groups section, click +.
  12. Enter the name of the group the user is a member of in the external authentication service.
    ext_admin_mapping.png
  13. Click OK.
  14. Click Send Changes and Activate.
    ext_admin_mapping_done.png


You can now log into your Control Center as an administrator with the credentials of your external authentication service.