Filter
Top Products
183
Chapter 13
User Accounts and Groups
User accounts in WinRoute improve control of user access to the Internet from the local
network. User accounts can be also used to access the WinRoute administration using
the Administration Console.
WinRoute supports several methods of user accounts and groups saving, combining
them with various types of authentication, as follows:
Internal user database
User accounts and groups and their passwords are saved in WinRoute. During au-
thentication, usernames are compared to the data in the internal database.
This method of saving accounts and user authentication is particularly adequate for
networks without a proper domain, as well as for special administrator accounts
(user can authenticate locally even if the network communication fails).
On the other hand, in case of networks with proper domains (Windows NT or Active
Directory), local accounts in WinRoute may cause increased demands on adminis-
tration since accounts and passwords must be maintained twice (at the domain and
in WinRoute).
Internal user database with authentication within the domain
User accounts are stored in WinRoute. However, users are authenticated at Windows
NT or Active Directory domain (i.e. password is not stored in the user account in
WinRoute). Obviously, usernames in WinRoute must match with the usernames in
the domain.
This method is not so demanding as far as the administration is concerned. When,
for example, a user wants to change the password, it can be simply done at the
domain and the change will be automatically applied to the account in WinRoute. In
addition to this, it is not necessary to create user accounts in WinRoute by hand, as
they can be imported from a corresponding domain.
Import of user accounts from Active Directory
If Active Directory (Windows 2000 Server / Windows Server 2003) is used, auto-
matic import of user accounts from it can be enabled. It is not necessary to define
accounts in WinRoute, nor import them, since it is possible to configure templates
by which specific parameters (such as access rights, content rules, transfer quotas,
etc.) will be set for new WinRoute users. A corresponding user account will be au-
tomatically imported upon the first login of the user to WinRoute. Parameters set
by using a template can be modified for individual accounts if necessary.