WebADM™ (RCDevs Control Center)
WebADM™ is a powerful Web-based Directory Administration Software designed for professionals to manage LDAP Organization resources such as Domain Users and Groups. It is also the management console for RCDevs’ applications like OpenOTP and TiQR. WebADM is compatible with Novell eDirectory, OpenLDAP, OpenDirectory, Oracle Directory, 389 and Microsoft ActiveDirectory.
WebADM provides a hierarchical view of your LDAP organization, centralized audit and powerful applications’ management features. It is able to aggregate multiple heterogeneous LDAP directories in a single view. It supports delegated administration, fine-grained access-control to LDAP data and role-based permissions for all management operations. It provides both a Web-based graphical interface and a powerful RPC-based management API.
WebADM is the core framework component and application hosting container for all RCDevs’ Web Services (OpenOTP, SMSHub, TiQR…) and end-user WebApps (User Self Service Desk, Self Token Registration, OpenID & SAML IdP…).
It provides encrypted storage using AES-256 for any sensitive user information, application settings and Token inventories. It optionally supports Hardware Security Modules (HSM) in order to comply with the highest security requirements.
Supported LDAP Directory Servers:
- Novell eDirectory.
- Microsoft ActiveDirectory.
- Apple OpenDirectory.
- Oracle/SUN Directory.
- OpenLDAP (RedHat, CentOS, Debian…).
- RCDevs Directory Server (Custom OpenLDAP).
- For other LDAP support please ask RCDevs sales.
- HTTP / HTTPS for Administration and WebApps.
- SOAP / XML and REST over HTTP/HTTPS for Web Services.
- SQL databases (MySQL, Sybase, MS SQL, PostgreSQL, Oracle) for
logs and message localizations.
WebADM can manage and federate all your organization directories in one single interface. It connects your ActiveDirectory, Novell, OpenLDAP all together and provides hierarchical view, delegated administration and powerful management for your directory resources.
With OpenOTP installed, it implements your centralized Enterprise authentication system, working with users and groups from all your directories and domains.
Mixing Microsoft and UNIX
WebADM understands both Microsoft ActiveDirectory Domains and UNIX PAM-LDAP users. You can seamlessly manage both environments from the management interface. Better, WebADM can extend your ActiveDirectory users (with UNIX/Linux functionalities) to make your AD users work with your UNIX-based systems. WebADM is also the only software which able to unify your Microsoft and UNIX infrastructure so easily.
Hardware Security Modules
WebADM complies with the highest security requirements by supporting Hardware Security Modules (HSM). The YubiHSM hardware modules from Yubico (https://www.yubico.com/products/yubihsm/) are optionally used to enforce hardware cryptography (AES encryption for user data, Token Inventories…) and true random number generation (Token seed generation, out-of-band SMS OTPs…).
The use of HSM modules in WebADM is 100% transparent and the migration to hardware cryptography can be done at any time without impacting your business. WebADM server supports up to 8 HSM modules in hot-plug mode for fault-tolerance and increased performances.
Access to the management interfaces is secured by an integrated PKI and client certificates. Your WebADM installation can also be deployed on the Cloud with a total security. Through the ‘User Self Service Desk’ application, WebADM can operate your corporate certificate authority, certificate management and provisioning system. End-users can self-enroll their own certificates and use them for S/Mime or PGP mail.
MAIN KEY FEATURES
IAM control center and security application container
- Web-based and RPC-based admin interfaces
- Extensive LDAP management features
- Delegated administration and role-based access control
- Support multiple LDAP datasources at the same time
- Support hardware security modules with Yubico YubiHSM
- Per-client / network / location / group application policies
- Integrated PKI for managing Administrator and User certificates
- End-user PKI functionalities (S/Mime and PGP mail, encryption…)
- Multiple login modes (LDAP DN, Domain, User Certificates)
- Federation of multiple LDAP with RCDevs’ MountPoint technology
- Easy HA deployment with efficient cluster support
- Management of UNIX accounts in ActiveDirectory
- Smart LDAP batch operations (toggle group memberships, attributes…)
- Multilingual support for Web Services & WebApps with graphical editor
- Graphical configuration manager for RCDevs’ Web Services and WebApps
- Log viewer and reporting for Administration and RCDevs Applications
- Geolocation of administrator and RCDevs’ application access
- Automatic failover for LDAP, SQL, SMTP and session servers
- Mail-based system alerts
- IANA-registered LDAP schemas
- Works on any Linux system with no dependency
- PCI-DSS and HIPAA compliant