Table of Contents
Advertisement
Configuring TACACS+ for ZoneRanger direct
The Use TACACS+ for ZoneRanger access control checkbox enables ZoneRanger to
authenticate and authorize web, Telnet, and SSH users using TACACS+. ZoneRanger may be
configured to authenticate directly to a TACACS+ server or through a Ranger Gateway using
TACACS+ proxy. The Access Mode dropdown determines which method the ZoneRanger
should use to authenticate with a TACACS+ server.
Figure 34-20. Configuring ZoneRanger to authenticate via TACACS+ directly
When authenticating the ZoneRanger itself directly to a TACACS+ server, at least one
TACACS server must be specified along with Login Type. Use the Add TACACS+ Server
button to add additional TACACS+ servers. ZoneRanger will choose from the listed
TACACS+ servers with which it has most recently authenticated successfully. If the current
authentication fails, the ZoneRanger will use additional servers if a timeout has not yet
occurred. The privilege levels corresponding to the operator and administrator privileges must
be set to those configured on the TACACS+ server. The ZoneRanger uses an authorization
request to retrieve the privilege level of the user from the TACACS+ server. This request
contains a number of authorization arguments one of which must be the primary service.
Additional arguments may be required by the TACACS+ server in order to return the privilege
level of the user.
ZoneRanger 5.5 User's Guide
134
Hide quick links:
Advertisement
Table of Contents
