Administration Guide 65Changing the Authentication Type of the Default RealmTo change a user’s password1 On the Access Policy Manager tab, right-click a user, and click Set Password.2 Type the password twice and then click OK.Using LDAP Authorization with Local AuthenticationBy default, the Firebox SSL VPN Gateway obtains an authenticated user’s group(s) from the local groupfile stored on the Firebox SSL VPN Gateway. Alternatively, you can configure the Firebox SSL VPN Gate-way to obtain an authenticated user’s group(s) from an LDAP server. If the user is not located on theLDAP server, the Firebox SSL VPN Gateway checks its local group file.To use LDAP authorization with local authentication1 In the Firebox SSL VPN Gateway Administration Tool, click the Authentication tab.2 Open the window for the realm that is configured for local authentication. This is the Default realmunless the authentication type was changed.3 Click the Authorization tab.4 In Authorization Type, select LDAP Authorization.5 Complete the information for the LDAP server.For a description of LDAP server settings, see “Using LDAP Servers for Authentication and Authorization” on page73. For information about looking up LDAP server settings, see “Determining Attributes in your LDAP Directory”on page 78.Changing the Authentication Type of the Default RealmWhen a user logs on to the Default realm, the user does not have to specify a realm name. For any otherrealm, the user must specify a realm name when logging on. Thus, if most users are logging on to a non-local authentication realm, change the authentication type of the Default realm.To change the authentication type of the Default realm, remove the Default realm and then immedi-ately create a new one.Configuring the Default RealmThe Firebox SSL VPN Gateway has a permanent realm named Default. The Default realm is preconfig-ured for local authentication. If you want to change the authentication method of the Default realm, itmust be immediately replaced with a new Default realm.The Default realm is assumed when a user enters only a user name when logging on to the Access Gate-way. For any other realm, the user must specify a realm name when logging on. Thus, if most users arelogging on to a non-local authentication realm, change the authentication type of the Default realm.To change the authentication type of the Default realm, remove the Default realmand then immediately create a new realm with the appropriate authenticationconfiguration.To remove and create a Default realm1 Click the Authentication tab.2 Open the window for the Default realm.