Filter
Top Products
150 Configuring groups and profiles
Groups
The Nortel SNAS determines which VLANs users are authorized to
access, based on group membership.
When a user logs on to the Nortel SNAS domain, the authentication
method returns the group name associated with the user’s credentials.
The Nortel SNAS then maps the user to groups defined on the Nortel
SNAS. You can define up to 1023 groups in the Nortel SNAS domain.
Each group’s data include the following configurable parameters:
•
linksets
•
Nortel Health Agent SRS rule
• extended profiles
After the user has been authenticated, the Nortel SNAS checks the
groups defined for the domain to match the group name returned from the
authentication database. For the duration of the user’s login session, the
Nortel SNAS maintains a record of the group matched to the user.
When the Nortel SNAS has identified the matching group, it applies group
data to the user as follows:
•
linksets—All linksets configured for the group of which the user is a
member display on the user’s portal page (see “Linksets” (page 151)).
•
Nortel Health Agent SRS rule—The Nortel Health Agent host integrity
check uses the criteria specified in the SRS rule assigned to the group.
•
extended profiles—The Nortel SNAS checks the group to identify if
there is an applicable extended profile (see “Extended profiles” (page
151)).
For information about configuring a group, see “Configuring groups” (page
156).
Default group
You can configure a group to be the default group, with limited access
rights. If the group name returned from the authentication database does
not match any group defined on the Nortel SNAS, the Nortel SNAS will
map the user to the default group.
To create a default group, see “Creating a default group” (page 169).
Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks
.