Chapter 3: Operations
23
USER ADD <
username
> ACCESS=<
access
>
2. To change a user’s access rights/level, issue a User Set command, using the Access parameter
to specify the rights or a level.
USER SET <
username
> ACCESS=<
access
>
3. To display the access rights and level for one or all users, issue a Show User command.
SHOW USER <
username
>|ALL
For more information, see
on page 67 and
Using Authentication Methods
The CCM appliance supports several methods for authenticating users: local, RADIUS and none.
Multiple connection and authentication methods may operate concurrently. By default,
authentication is performed at the local CCM user database.
Local authentication
Local authentication uses the CCM appliance internal user database to authenticate users. You may
optionally specify both local and RADIUS authentication, in either order. In this case,
authentication will be attempted initially on the first method specified. If that fails, the second
method will be used for authentication.
RADIUS authentication
RADIUS authentication uses an external third party RADIUS server containing a user database to
authenticate CCM appliance users. The CCM appliance, functioning as a RADIUS client, sends
usernames and passwords to the RADIUS server. If a username and password do not agree with
equivalent information on the RADIUS server, the CCM appliance is informed and the user is
denied CCM access. If the username and password are successfully validated on the RADIUS
server, the RADIUS server returns an attribute that indicates the access rights defined for
that username.
To use RADIUS authentication, you must specify information about the primary RADIUS server
and optionally, a secondary RADIUS server to be used as a backup.
The RADIUS server definition values specified in CCM appliance commands must match
corresponding values configured on the RADIUS server. On the RADIUS server, you must include
CCM appliance-specific information: the list of valid users and their access rights for the CCM
appliance. Each user-rights attribute in the RADIUS server’s dictionary must be specified as a
string containing the user’s access rights for the CCM appliance, exactly matching the syntax used
in the CCM User Add command.
Consult your RADIUS administrator’s manual for information about specifying users and their
attributes. The exact process depends on the RADIUS server you are using.
Summary of Contents for Equinox Console Manager CCM4850 CCM4850 CCM4850
Page 8: ...vi CCM4850 Installer User Guide...
Page 10: ...viii CCM4850 Installer User Guide...
Page 16: ...4 CCM4850 Installer User Guide...
Page 44: ...32 CCM4850 Installer User Guide...
Page 82: ...70 CCM4850 Installer User Guide...