Filter
Top Products
Basic Configuration Tasks
Storing User Profiles
Chapter 332
Storing User Profiles
The user information that determines how an access request is authenticated and authorized
is configured in a profile as a set of A-V pairs. These user profiles are grouped by realm and
may be stored in flat text files or an external source such as an Oracle database or and LDAP
server. Realms are recognized by the realm component of a user’s Network Access Identifier. If
you have a small AAA deployment without several realm-specific configurations, you can
define a default realm and store it in the users file.
Storing User Profiles in the Default Users File
When the AAA server receives a request, before it checks for profiles grouped by realms, it
first checks the default users file for a matching profile. Use the following steps to store user
profiles in the default users file:
Step 1. Access the Server Manager.
Step 2. Load the configuration from the appropriate AAA server by selecting the Load
Configuration link from the Navigation Tree.
Step 3. Select the Users link from the Navigation Tree.
Step 4. Select the New User link.
Step 5. The User Attributes screen will appear. In the User Name text box, enter the name
of the user profile.
IMPORTANT You must enter the user’s fully-qualified name when adding to the
default users file. For example, enter user1@organization.com
instead of only entering user1.
Step 6. Select Local from the Authentication Type list to authenticate the user with the
authentication method configured for their realm. Selecting options other than
Local will supersede the authentication method configured for the user’s realm and
define a specific authentication method for that individual user.
Step 7. Enter a password for the user and confirm it by entering it again.
Step 8. Choose how you want to store the user’s password by selecting a hashing method in
the Password Hashing Mechanism field. Select Plain Text to be compatible with
most client password hashing methods. If you prefer not to use Plain Text, be sure