Authentication Portal - H3C MSR Series Command Reference Manual

authentication portal

Use authentication portal to specify authentication methods for portal users.
Use undo authentication portal to restore the default.
Syntax
In non-FIPS mode:
authentication portal { ldap-scheme ldap-scheme-name [ local ] [ none ] | local [ none ] | none |
radius-scheme radius-scheme-name [ local ] [ none ] }
undo authentication portal
In FIPS mode:
authentication portal { ldap-scheme ldap-scheme-name [ local ] | local | radius-scheme
radius-scheme-name [ local ] }
undo authentication portal
Default
The default authentication methods of the ISP domain are used for portal users.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
ldap-scheme ldap-scheme-name: Specifies an LDAP scheme by its name, a case-insensitive string
of 1 to 32 characters.
local: Performs local authentication.
none: Does not perform authentication.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive
string of 1 to 32 characters.
Usage guidelines
You can specify one primary authentication method and multiple backup authentication methods.
When the primary method is invalid, the device attempts to use the backup methods in sequence.
For example, the authentication portal radius-scheme radius-scheme-name local none
command specifies the default primary RADIUS authentication method and two backup methods
(local authentication and no authentication). The device performs RADIUS authentication by default
and performs local authentication when the RADIUS server is invalid. The device does not perform
authentication when both of the previous methods are invalid.
Examples
# In ISP domain test, perform local authentication for portal users.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authentication portal local
# In ISP domain test, perform RADIUS authentication for portal users based on scheme rd and use
local authentication as the backup.
<Sysname> system-view
[Sysname] domain test
23