Configuring Authorization
To configure the authorization method for the new administrator, click the Authorization
tab and select local or remote authentication:
•
For locally authenticated administrators, the NSM management server handles
authentication. You must specify the password that NSM uses to authenticate the
administrator; the administrator must enter this password at the NSM UI login screen.
NOTE:
All NSM passwords are case-sensitive.
•
For remotely authenticated administrators, a RADIUS authentication server handles
authentication. Because the administrator password is stored on the RADIUS server,
you do not need to enter the password again, however, the administrator must enter
the password at the NSM UI login screen.
To configure the RADIUS authentication server for NSM administrators, see the
Network
and Security Manager Online Help
topic “Editing the Domain Contact.”
NOTE:
The super administrator has full permissions. You cannot change
or delete permissions for the super administrator; you can only change the
password. Because the super administrator has complete control over
NSM functionality, we recommend that you consider the security of the
super administrator password appropriately. If you forget or lose the super
administrator password, please contact the Juniper Technical Assistance
Center (JTAC).
RADIUS Authentication and Authorization
NSM supports both local and RADIUS user authentication. It manages access control
both through the local database and through the RADIUS server.
You are not required to define RADIUS users in the local NSM database. The AUTH
Handler looks at the local database to find the user, and then, if no match is found, to
the RADIUS server. You can also define the role assignment for each user directly from
the RADIUS server.
NOTE:
You must configure your RADIUS server individually for each domain.
NSM also supports a secondary RADIUS server for administrator authentication and
authorization when the primary RADIUS server cannot be contacted.
There are two kinds of users: local users and RADIUS users. The local user is created
locally and authentication data is stored in the local database. The default authentication
mode is local mode. The RADIUS user is created only on a RADIUS server and can only
be authenticated using a remote RADIUS server.
Copyright © 2010, Juniper Networks, Inc.
68
Network and Security Manager Administration Guide
Содержание NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
Страница 6: ...Copyright 2010 Juniper Networks Inc vi...
Страница 36: ...Copyright 2010 Juniper Networks Inc xxxvi Network and Security Manager Administration Guide...
Страница 52: ...Copyright 2010 Juniper Networks Inc 2 Network and Security Manager Administration Guide...
Страница 90: ...Copyright 2010 Juniper Networks Inc 40 Network and Security Manager Administration Guide...
Страница 146: ...Copyright 2010 Juniper Networks Inc 96 Network and Security Manager Administration Guide...
Страница 236: ...Copyright 2010 Juniper Networks Inc 186 Network and Security Manager Administration Guide...
Страница 292: ...Copyright 2010 Juniper Networks Inc 242 Network and Security Manager Administration Guide...
Страница 314: ...Copyright 2010 Juniper Networks Inc 264 Network and Security Manager Administration Guide...
Страница 368: ...Copyright 2010 Juniper Networks Inc 318 Network and Security Manager Administration Guide...
Страница 370: ...Copyright 2010 Juniper Networks Inc 320 Network and Security Manager Administration Guide...
Страница 484: ...Copyright 2010 Juniper Networks Inc 434 Network and Security Manager Administration Guide...
Страница 584: ...Copyright 2010 Juniper Networks Inc 534 Network and Security Manager Administration Guide...
Страница 588: ...Copyright 2010 Juniper Networks Inc 538 Network and Security Manager Administration Guide...
Страница 600: ...Copyright 2010 Juniper Networks Inc 550 Network and Security Manager Administration Guide...
Страница 678: ...Copyright 2010 Juniper Networks Inc 628 Network and Security Manager Administration Guide...
Страница 694: ...Copyright 2010 Juniper Networks Inc 644 Network and Security Manager Administration Guide...
Страница 700: ...Copyright 2010 Juniper Networks Inc 650 Network and Security Manager Administration Guide...
Страница 706: ...Copyright 2010 Juniper Networks Inc 656 Network and Security Manager Administration Guide...
Страница 708: ...Copyright 2010 Juniper Networks Inc 658 Network and Security Manager Administration Guide...
Страница 758: ...Copyright 2010 Juniper Networks Inc 708 Network and Security Manager Administration Guide...
Страница 788: ...Copyright 2010 Juniper Networks Inc 738 Network and Security Manager Administration Guide...
Страница 882: ...Copyright 2010 Juniper Networks Inc 832 Network and Security Manager Administration Guide...
Страница 908: ...Copyright 2010 Juniper Networks Inc 858 Network and Security Manager Administration Guide...
Страница 918: ...Copyright 2010 Juniper Networks Inc 868 Network and Security Manager Administration Guide...
Страница 920: ...Copyright 2010 Juniper Networks Inc 870 Network and Security Manager Administration Guide...
Страница 1005: ...PART 6 Index Index on page 957 955 Copyright 2010 Juniper Networks Inc...
Страница 1006: ...Copyright 2010 Juniper Networks Inc 956 Network and Security Manager Administration Guide...