Storm season is back, bringing with it the potential for significant weather events. If you have clients in areas prone to infrastructure disruption, visit the Disaster Recovery Resources guide for preparedness information. Datto recommends performing proactive disaster recovery testing to mitigate potential downtime. See our articles about the importance of disaster recovery testing and Preparing For A Cloud Virtualization Test: Policies, Procedures, And Partner Responsibilities to learn more. For live updates, follow @datto on Twitter.

FAQ: Authentication Methods Compatible with Datto Appliances



This article answers frequently-asked questions about Datto appliance compatibility with common authentication methods.


Can the Datto appliance be configured to use the following types of authentication?

LDAP: Datto devices can authenticate to an LDAP server in the same way they authenticate to any other type of domain. LDAP is configured within your network infrastructure.

Radius: This form of authentication is only supported by appliances in the Datto Networking suite. It is not currently supported on SIRIS, Alto, or DNAS devices.

SSL: HTTPS and SSL are supported on Datto appliances running the IRIS 3 (Ubuntu 16.04) software stack. Because these devices use a self-signed certificate, you may receive a browser warning that the certificate is untrusted when accessing the appliance's GUI via HTTPS. If the appliance is on a managed switched network with no malicious activity, this warning can be disregarded.

To enable HTTPS on a Datto appliance, access the device's GUI and navigate to Configure → Device Settings → HTTPS → Enable HTTPS. The device will generate a self-signed certificate which will negotiate a bidirectionally tunneled authentication mechanism. SSL is included in the exchange.

PAP and SPAP: Not supported. PAP sends a username and password to the authentication server in plain text, and is not secure. It was primarily used when connecting to old Unix-based servers with no support for more advanced encryption protocols. SPAP uses a reversible encryption mechanism, and is also not secure.

CHAP: Datto appliances use CHAP authentication for iSCSI shares by default.

EAP: This form of authentication is 802.11x-based, and is only applicable to appliances in the Datto Networking suite. It is not supported on SIRIS, Alto, or DNAS devices. 

Certificate services: Not currently supported.

Was this article helpful?

0 out of 0 found this helpful

You must sign in before voting on this article.

Calling all Partners! We want to hear your feedback! Please participate in this quick survey and help us build a better, more-relevant Knowledge Base!

Want to talk about it? Head on over to our Community Forum!