A single RADIUS client can be configured in AuthMnder. If you want to configure multiple organizations in AuthMinder to use the same RADIUS client, then add the RADIUS client at the global level. Otherwise, for a single organization, add the RADIUS client for that organization.
Follow these steps:
Specifies the IP Address of the RADIUS client through which users authenticate to AuthMinder Server.
Specifies the secret key shared between the RADIUS client and the AuthMinder Server.
Note: The minimum length of the key is 1 character, and the maximum length is 512 characters.
Specifies a short description of the RADIUS client. If you configure multiple clients, the description of each client helps distinguish between clients.
Indicates the authentication mechanism that will be used for RADIUS-based access. Select one of the following authentication mechanisms:
Specifies the default authentication mechanism that is used to authenticate RADIUS requests. A One-Time Token (OTT) is used as the password for authentication.
Specifies that any password or OTP can be used for authentication. Typically, the In-Band Password option is used in the following scenarios:
To resolve the credential type
Use the In-Band Password option if you want to authenticate users with credentials that are set using credential type resolution.
Note: You configure credential type resolution to map an input request that has an unknown credential type with a particular password-based authentication mechanism or to support any password-based authentication mechanism for RADIUS.
(Optional, applicable for global configurations only) To specify the organization name
In a RADIUS request, organization information can be sent with a password in the <orgname>\n<password> format. AuthMinder can extract the organization name from a password specified in this format. To enable the use of this feature, associate organizations with the RADIUS client as follows:
a. Use the > button to move the required organizations from the Available Organizations list to the Supported Organizations list.
b. Specify the default organization for the RADIUS client. If organization information is not sent with the password, then this default organization is considered in the authentication to resolve user details.
This option is not currently supported. Do not select it.
Specifies a unique attribute identifier.
Example: 26
Specifies the value corresponding to the attribute ID. You can pass static values, variables such as user attributes or custom attributes, or a combination of static values and variables. For example, for the user JSmith, if the custom user attribute key-value pair is Employee ID=150, then you can include the employee ID in the RADIUS response as follows:
JSmith = $$Employee ID$$
This setting returns JSmith = 150.
The RADIUS client is added. This configuration will take effect after you refresh the cache.
Copyright © 2013 CA.
All rights reserved.
|
|