Cyclades User's Guide Switch User Manual


 
Web Manager for Administrators 209
Configuration
Group Authorization
Group authorization adds an additional level of system security by enabling a
network-based authorization in addition to the initial authentication.
A group information retrieval from the TACACS+, RADIUS, LDAP, and
NTLM authentication servers enables authorization in addition to
authentication. An administrator can configure the authentication server to
add group authorization checking.
The following table points to procedures on configuring an authentication
server for group authorization.
T To Identify a Kerberos Authentication Server
Perform this procedure to identify the authentication server when the KVM/
net or any of its ports is configured to use the Kerberos authentication method
or any of its variations (Kerberos, Local/Kerberos, Kerberos/Local, or
KerberosDownLocal.)
Before starting this procedure, find out the following information from the
Kerberos server’s administrator:
Realm name and KDC address
Host name and IP address for the Kerberos server
Also, work with the Kerberos server’s administrator to ensure that following
types of accounts are set up on the Kerberos server and that the administrators
To Configure Group Authorization on a LDAP Server Page 214
To Configure Group Authorization on a NTLM Server Page 214
To Configure Group Authorization on a RADIUS Server Page 218
To Configure Group Authorization on a TACACS+ Server Page 221