Providing Credentials
Remote Installer allows you to specify credentials both for groups of Machines and for individual Machines in the Credentials view using in-place editors. It is also possible to import credentials from a file or copy them from another EMCO program. Credentials can be provided with or without explicit specification of the domain. The domain may be specified by using the User Principle Name or Down-Level Logon Name.
User Principal Name
The User Principal Name (UPN) format is used to specify an Internet-style name, such as UserName@Example.Emco.local. The following table summarizes the UPN components.
Component |
Example |
---|---|
User account name. Also known as the logon name. |
UserName |
Separator. A character literal, the at sign (@). |
@ |
UPN suffix. Also known as the domain name. |
Example.Emco.local |
A UPN can be defined implicitly or explicitly. An implicit UPN has the following form: UserName@FQDN. An implicit UPN is always associated with the user's account, even if an explicit UPN is not defined. An explicit UPN has the form Name@Suffix, where both the name and suffix strings are explicitly defined by the administrator.
Down-Level Logon Name
The down-level logon name format is used to specify a domain and a user account in that domain, for example, DOMAIN\UserName. The following table summarizes the components of a down-level logon name.
Component |
Example |
---|---|
NetBIOS domain name. |
DOMAIN |
Separator. A character literal, the backslash (\). |
\ |
User account name. Also known as the logon name. |
UserName |
Beside an explicit domain specification, you can use an implicit one by providing the Down-Level Logon Name with the '.' character instead of the domain part (.\UserName). In such case, the '.' character is replaced by the NetBIOS name of the Machine to connect to.
If the user name is provided without an explicit or implicit domain specification, the program generates one of the user name formats described above using the following rules:
- If credentials are specified on the Machine node, the following Down-Level Logon Name is generated for connection: MACHINE\UserName, where 'MACHINE' is the NetBIOS name of the Machine the program is connecting to and 'UserName' is the specified user name.
- If credentials are specified on the Network or Group node, than the group the Machine is located in is used to form the user name used for connection. If the group is an Active Directory domain, then the following UPN name is formed: UserName@FQDN, where 'UserName' is the specified user name and 'FQDN' is a fully qualified name of the domain the Machine is located in. In case the group is not an Active Directory domain, the following Down-Level Logon Name is generated for connection: DOMAIN\UserName, where 'DOMAIN' is the NetBIOS name of the group the Machine is located in and 'UserName' is the specified user name.
You can easily review the credentials that are going to be used for connecting to the remote Machine in the tool tip displayed for this Machine in the Credentials view.
Examples for Credentials specification
Specifying credentials for complex network environments may not be a trivial task, and this chapter is written to show you some examples that can help you with this task. Let's assume we have the following network structure:
Consider the following methods of setting the credentials:
- The credentials are set for the Network item. Connection to remote Machines and Active Directory will take place using the credentials set for the Network.
Same Credentials for Entire Network
- Two different credentials are set for the Emco and Dev groups. Connection to remote Machines from the Dev group will take place using the credentials set for the Dev group, Machines from the Emco group will be processed using the credentials set for the Emco group.
Specific Credentials for Groups
- Three different credentials are set for the Network, the Dev group and the Dev-PDC Machine. Connection to remote Machines from the Emco group will take place using the credentials set for the Network, the Dev group will use the credentials specified for the Dev group and for Dev-PDC the credentials set for Dev-PDC will be used.
Specific Credentials for Groups