Configuring Advanced Local Authentication Procedures; Configuring For Radius Authentication - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual

Configuring Advanced Local
4
Authentication Procedures
The following authentication procedures require more than a username and password. Some of them
require that you configure another server to provide the user with a token or a certificate.
 "Configuring for RADIUS Authentication" on page 139
"Configuring Mutual SSL (X.509) Authentication" on page 140

"Creating an ORed Credential Class" on page 145

 "Configuring for OpenID Authentication" on page 147
"Configuring Password Retrieval" on page 148

"Configuring Access Manager for NESCM" on page 149

 "Configuring for Kerberos Authentication" on page 159

4.1 Configuring for RADIUS Authentication

RADIUS enables communication between remote access servers and a central server. Secure token
authentication through RADIUS is possible because Access Manager works with Novell Modular
Authentication Service (NMAS) RADIUS software that can run on an existing NetWare server.
Access Manager supports both PIN and challenge-and-response methods of token-based
authentication. In other words, RADIUS represents token-based authentication methods used to
authenticate a user, based on something the user possesses (for example, a token card). Token
challenge-response is supported for two-step processes that are necessary to authenticate a user.
1 In the Administration Console, click Devices > Identity Server > Edit > Local > Classes.
2 Click New.
3 Specify a display name, then select RadiusClass or ProtectedRadiusClass from the drop-down
menu.
4 Click Next.

Configuring Advanced Local Authentication Procedures

4
139