Skip to main content
ExLibris
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Security

    Translatable

    Restricting Alma Logins by IP Range

    To configure IP group configuration, you must have the following role:
    • General System Administrator
    You can restrict users from logging in to Alma according to IP address. There are two steps in configuring this feature. First you create IP groups and then you configure login access for these groups. Only these IP groups are then authorized to log in to Alma.
    To restrict login by IP groups:
    1. From the IP Group Configuration page (Configuration Menu > General > Security > IP Group Configuration), select Add IP Group. The Add IP Group pane appears.
      Add IP Group
    2. Enter the following:
      • Group Code – A code for the IP group
      • Group Name – A name for the IP group that can be changed later
      • IP Version – IPv4 or IPv6
      • IP Match Criteria – A specific IP address or an IP range (two valid IP addresses separated by a hyphen)
    3. Select Add IP definition to Group. The range is added to the group and appears in the table.
    4. You can define multiple IP ranges for each group. Repeat steps 2 and 3 as necessary. To remove a range, select Delete in the row actions list.
    5. When you have finished adding IP ranges, select Add and Close. The IP group is added.
      To edit the group, select Edit in the row actions list. To delete the group, select Delete in the row actions list.
    6. Open the Login Restriction Configuration page (Configuration Menu > General > Security > Login Restriction Configuration). Note that login restrictions are disabled until you enable them on this page.
      Login Restriction Configuration
    7. Select the IP groups from IP Group whose IP addresses you want to allow login access, and select Add. You can select Add all groups to add all IP groups.
      Once an IP group is selected, all other IP addresses are restricted from logging in.
    8. Select a manager from the IP restrictions manager box (mandatory). This manager receives any messages sent by users when a login attempt is made from a restricted IP address.
    9. Select Enable login restrictions. To save your changes without enabling or disabling login restrictions, select Save.
      • You must select Enable login restrictions for the IP login restrictions to take effect.
      • Users with the General Administrator role are not restricted.
      • To disable login restrictions at a later time, select Disable login restrictions.
    If a user with a restricted IP address attempts to log in to Alma, the following message appears:
    Access Blocked
    The user can select Contact Administrator to contact the IP restrictions manager configured above.
    To override these restrictions for a particular user, select Disable all login restrictions when editing the user (see Editing Users).
    • Was this article helpful?