Filter
Top Products
Chapter 7: User Management
128
Important Notes
Group Name is case sensitive.
The KX II provides the following default groups that cannot be
changed or deleted: Admin and <Unknown>. Verify that your Active
Directory server does not use the same group names.
If the group information returned from the Active Directory server
does not match a KX II group configuration, the KX II automatically
assigns the group of <Unknown> to users who authenticate
successfully.
If you use a dialback number, you must enter the following
case-sensitive string: msRADIUSCallbackNumber.
Based on recommendations from Microsoft, Global Groups with user
accounts should be used, not Domain Local Groups.
Implementing RADIUS Remote Authentication
Remote Authentication Dial-in User Service (RADIUS) is an AAA
(authentication, authorization, and accounting) protocol for network
access applications.
To use the RADIUS authentication protocol:
1. Click User Management > Authentication Settings to open the
Authentication Settings page.
2. Click the RADIUS radio button to enable the RADIUS section of the
page.
3. Click the icon to expand the RADIUS section of the
page.
4. In the Primary Radius Server and Secondary Radius Server fields,
type the IP address of your primary and optional secondary remote
authentication servers, respectively (up to 256 characters).
5. In the Shared Secret fields, type the server secret used for
authentication (up to 128 characters).
The shared secret is a character string that must be known by both
the KX II and the RADIUS server to allow them to communicate
securely. It is essentially a password.
6. The Authentication Port default is port is 1812 but can be changed
as required.
7. The Accounting Port default port is 1813 but can be changed as
required.
8. The Timeout is recorded in seconds and default timeout is 1 second,
but can be changed as required.
The timeout is the length of time the KX II waits for a response from
the RADIUS server before sending another authentication request.