When a user logs in, the SRA appliance validates with the appropriate Active Directory,
RADIUS, or NT server that the user is authorized to log in. If the user is authorized, the SRA
appliance checks whether the user exists in the SRA appliance database of users and groups.
If the user is defined, the policies and bookmarks defined for the user apply.
For example, if you create a RADIUS domain in the SRA appliance called "Miami RADIUS
server", you can add users to groups that are members of the "Miami RADIUS server" domain.
These user names must match the names configured in the RADIUS server. Then, when users
log in to the portal, policies, bookmarks and other user settings apply to the users. If the AAA
user does not exist in the SRA appliance, then only the global settings, policies and bookmarks
apply to the user.
This section contains the following subsections:
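• Bookmark Support for External (Non-Local) Users
• Adding a RADIUS Group
• Adding an Active Directory Group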
Bookmark Support for External (Non-Local) Users
The Virtual Office bookmark system allows bookmarks to be created at both the group and user
levels. The administrator can create both group and user bookmarks which will be propagated
to applicable users, while individual users can create only personal bookmarks.
Since bookmarks are stored within the SRA appliance's local configuration files, it is necessary
for group and user bookmarks to be correlated to defined group and user entities. When
working with local (LocalDomain) groups and users, this is automated since the administrator
must manually define the groups and users on the appliance. Similarly, when working with
external (non-LocalDomain, for example, RADIUS, NT, LDAP) groups, the correlation is
automated since creating an external domain creates a corresponding local group.
However, when working with external (non-LocalDomain) users, a local user entity must exist
so that any user-created (personal) bookmarks can be stored within the SRA configuration files.
Bookmarks must be stored on the SRA appliance itself because LDAP, RADIUS, and NT
Authentication external domains do not provide a direct facility to store such information as
bookmarks.
Rather than requiring administrators to manually create local users for external domain users
to use personal bookmarks, the SRA appliance automatically creates a corresponding local
user entity upon user login. Bookmarks can be added to the locally-created user.
For example, if a RADIUS domain called myRADIUS is created, and RADIUS user jdoe logs on
to the SRA appliance, the moment jdoe adds a personal bookmark, a local user called jdoe will
be created on the SRA appliance as type External, and can then be managed like any other
local user by the administrator. The external local user will remain until deleted by the
administrator.
Adding a RADIUS Group
Note: Before configuring RADIUS groups, ensure that the RADIUS Filter-Id option is enabled for
the RADIUS Domain to which your group is associated. This option is configured in the
Portals > Domains page.
334 | SRA 6.0 Administrator's Guide