Disabling local accounts for interactive users
Overview
After enabling a corporate login solution for Nexthink, either via SAML or Windows authentication of users, disable local accounts for interactive users to enforce the security policies of corporate accounts.
Reserve the local accounts for API calls only.
Disabling local accounts
To disable local accounts for interactive users:
Log in to the CLI of the primary Appliance that hosts the Portal.
Optional: If the Portal has no configuration file yet, that is, if portal.conf does not exist in folder /var/nexthink/portal/conf, create it by copying the defaults from the sample configuration file:
sudo -u nxportal cp /var/nexthink/portal/conf/portal.conf.sample \
/var/nexthink/portal/conf/portal.conf
Edit the configuration file of the Portal:
sudo vi /var/nexthink/portal/conf/portal.conf
Add a configuration line to it:
Press Shift + G to go to the last line of the file.
Press o to add a new line.
Type in the following line:
globalconfig.portal.user.allow-local-logins = false
Press Esc and type in the following colon command to save changes an exit:
:wq
Restart the Portal:
sudo systemctl restart nxportal
Last updated