RuggedCom RX1000 Network Router User Manual


 
Chapter 3 - Configure Webmin Users
Chapter 3 - Configure Webmin Users
Introduction
This chapter familiarizes the user with:
Configuring Webmin users
Displaying and removing existing login sessions
Setting up password restrictions
Webmin User and Group Fundamentals
When the Webmin package is installed for the first time, an account for the user:
“root” exists on the router. Besides the root account, three groups, or privilege levels,
are defined: “administrator”, “operator”, and “guest”.
Users belong to the “administrator” group have full access to all Webmin
modules.
Users belonging to the “operator” group have full access to most Webmin
modules with the following exceptions: “Webmin Configuration”, “Webmin
Event Log”, “Webmin Users”, “Scheduled Commands”, “Scheduled Cron
Jobs”, “System Hostname”, “System Time”, “SSH Server”, “Backup And
Restore”, “Upgrade System”, and “Upload/Download Files”.
Users belong to the “guest” group can only view configuration and statistics
but can not change them. Besides this limitation, they also have no access to
the modules forbidden to the “operator” group, listed above.
The root user must always be defined. New Webmin users can be created and deleted,
and must belong to one of the three aforementioned groups. New Webmin user
names must contain only the characters “a-zA-Z0-9-.@” but must not begin with “@”
and must not conflict with any other user or group name.
RADIUS User Access Control Fundamentals
Webmin provides the ability to authenticate against a RADIUS server in order to
centralize the creation and maintenance of user accounts. Multiple RuggedRouters
may be configured to authenticate Webmin users using a common RADIUS server,
eliminating the need to replicate the effort of configuring the same user account
information on many routers.
If RuggedRouter is configured to use RADIUS to authenticate Webmin users (in the
Miscellaneous module under the Maintenance category), the router will present the
configured RADIUS server with the user name and password presented to a Webmin
session for authentication. If the RADIUS server authenticates the user, it will return
an indication of success along with the privilege level (described above) associated
with the user.
A user successfully authenticated by the RADIUS server will have Webmin access
corresponding to his/her privilege level, as configured for the user account on the
RADIUS server. For information on how to configure user accounts on the RADIUS
server, please refer to Appendix E - RADIUS Server Configuration
RuggedCom 39