Authentication Options
Configuration of Keeper Connection Manager Authentication methods
Keeper Connection Manager supports multiple authentication mechanisms which can be enabled through installing additional packages.
The Auto Docker Install method comes pre-built with support for either MySQL or PostgreSQL databases for authentication.
Database images can be added to the Docker Compose Install method for authentication.
For Advanced Linux Install method, packages are available through the Keeper Connection Manager repository and automatically place the necessary Apache Guacamole extension within
/etc/guacamole/extensions and any necessary dependencies (such as database drivers) within /etc/guacamole/lib.The "Test Installation" using the
user-mapping.xml file is meant as a quick means of verifying the functionality of Guacamole but is not supported for production deployments.Ensure that a production-ready authentication mechanism is configured prior to deploying Keeper Connection Manager.
All authentication methods packaged listed below are production-ready:
Using a database like MySQL, PostgreSQL, or SQL Server enables additional features within Keeper Connection Manager, including connection sharing and a web-based administration interface. The LDAP authentication allows authentication to be provided through an LDAP directory such as OpenLDAP or Active Directory, and can be combined with a database, thus avoiding the need to store connections within the LDAP directory using schema modifications.
If you wish to enable multi-factor authentication in front of Keeper Connection Manager, you may do so with Duo or TOTP. Multi-factor authentication is supported in front of any of the above production-ready authentication mechanisms, however keep in mind that a database is always required for TOTP:
Important Note: MFA cannot be activated if the SAML authentication method is already active.
Last modified 2mo ago