Appendix G Using RADIUS Authentication
G.3 Setting Up the RADIUS Server
ETERNUS Web GUI User’s Guide (Settings)
Copyright 2015 FUJITSU LIMITED
P2X0-1270-13ENZ0
1073
●
Register the ETERNUS DX as a RADIUS client
(1) Select [Start]
[Administrative Tools]
[Server Manager].
(2) Select [Roles]
[Network Policy and Access Services]
[NPS]
[RADIUS Clients and Servers]
[RADIUS Clients].
Right-click [RADIUS Clients] and select [New RADIUS Client], and set the various items.
•
For the "Address (IP or DNS)", set the IP address of the client ETERNUS DX.
•
For the "Vendor name", set "RADIUS Standard".
•
For the "Shared secret", set the shared key that is registered on the client ETERNUS DX.
●
Set the Accessible User Group and the Authentication Method
(1) Select [Start]
[Administrative Tools]
[Server Manager].
(2) Select [Roles]
[Network Policy and Access Services]
[NPS]
[Policies]
[Network
Policies].
Right-click [Network Policies], select [New], and set the various items.
•
Click "Add" in the "Conditions" tab and add "Windows Groups". For "Windows Groups", add the
group that was created for the ETERNUS DX.
•
For the "secure authentication methods", check "Encryption authentication (CHAP(C))" or
"Unencrypted authentication (PAP,SPAP)(S)". Select the same setting as is set on the
ETERNUS DX.
●
Set the role with Vendor Specific Attribute (VSA)
(1) Select [Start]
[Administrative Tools]
[Server Manager].
(2) Select [Roles]
[Network Policy and Access Services]
[NPS]
[Policies]
[Network
Policies].
Select and double-click the newly added policy.
(3) Set the following items using the [Add] button under [Vendor Specific] on the [Settings] tab.
•
For the "Attributes", add "Vendor-Specific/RADIUS Standard".
•
For the "Enter Vendor Code", enter "211".
•
For the "RADIUS RFC", click "Yes, it conforms".
•
For the "Vendor-assigned attribute number", enter "1".
•
For the "Attribute format", select "String".
•
For the "Attribute Value", enter the role name(s) that are registered on the ETERNUS DX, and
which the users who belong to the added "Groups" can select when logging in to the
ETERNUS DX. The server-side role names are case sensitive and must be input correctly.
[Example] RoleName0
Содержание Eternus DX200F
Страница 2: ...This page is intentionally left blank ...
Страница 1082: ......