Radius Authentication For Vhm Administrators - Black Box SmartPath LWN602A User Manual

Smartpath enterprise wireless system

Hide thumbs Also See for SmartPath LWN602A:

User manual (168 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

Table of Contents

Chapter 11: Deployment Examples CLI

LDAP User Group Attribute: Enter the attribute name defined on the Active Directory server that you want to use to link users to

user profiles on SmartPath AP authenticators. The default LDAP user group attribute name on Active

Directory is "memberOf". (The attribute type set on the Active Directory server must be "string".) The LDAP user group attribute

string can be up to 32 characters long.

SmartPath AP for communication: Choose the name of the SmartPath AP to use as a medium for communicating with the Active

Directory server. The usual choice is the SmartPath AP RADIUS server specified in the Active Directory profile.

Select an OU from the directory that has the same attribute name as that defined in the LDAP User Group Attribute field. The

default is "memberOf". Then, from the User Profile drop-down list, choose the user profile that you want to apply to users in the

selected OU, and click "Apply."

NOTE: If you select Global Catalog near the top of the page, then you also have the choice to type the user group name instead

of selecting an OU in the directory tree.

The mappings of OU to user profile are then shown in the order in which SmartPath AP authenticators will apply them, starting

from the top. If you want to rearrange the order of the mappings, select the checkbox of one of the OU-to-user profile mapping,

and then click the Up or Down arrow on the far right to move it to its new position.

Automatically map LDAP user groups to user profiles by matching attributes: Select this option to display the attribute names that

the Active Directory is using for user profiles, VLANs, and reauthorization time so that you can use them to make a dynamic

mapping of LDAP user groups (or OUs) on the Active Directory server to user profiles on SmartPath AP RADIUS authenticators.

User Profile Attribute: Enter the attribute name defined on the Active Directory server that you want to map to the user profile

attribute defined on SmartPath AP RADIUS authenticators. By default, the SmartPath AP RADIUS server maps the

msRADIUSCallbackNumber attribute in Active Directory to the user profile attribute defined on SmartPath AP RADIUS authentica-

tors. The attribute type set on the Active Directory server must be "string" and can be up to 32 characters long.

VLAN ID: Enter the attribute name defined on the Active Directory server whose VLAN ID setting you want to apply to the

authenticated user. By default, the SmartPath AP RADIUS server maps the msRASSavedCallbackNumber attribute in Active

Directory to the VLAN ID and forwards this to SmartPath AP RADIUS authenticators. The attribute type set on the Active

Directory server must be "string" and can be up to 32 characters long.

Reauthorization Time: Enter the attribute name defined on the Active Directory server whose reauthorization time setting you

want to apply to the authenticated user. By default, the SmartPath AP RADIUS server maps the msRADIUSServiceType attribute in

Active Directory to the reauth time and forwards this to SmartPath AP RADIUS authenticators. The attribute type set on the

Active Directory server must be "integer" and can be up to 32 characters long.

Step 3: Assign the RADIUS Server Settings to SmartPath APs

Click "Monitor > Access Points > SmartPath APs," select Config at the top of the main window, select the checkbox next to a

SmartPath AP with a static IP address that you want to make a RADIUS server, and then click "Modify." Expand the Service

Settings section, choose the SmartPath AP AAA Server Settings name from the SmartPath AP RADIUS Service drop-down list,

and then click "Save."

Repeat the above step for any other SmartPath APs that you want to make RADIUS servers with access to the same Active

Directory server. When done, push the configuration to all the SmartPath APs.

11.5 RADIUS Authentication for VHM Administrators

In previous SmartPath EMS VMA versions, it was only possible to use RADIUS authentication for home system administrators

when no VHMs were present. Now both home system administrators and VHM administrators can be authenticated through an

external RADIUS server.

724-746-5500 | blackbox.com

Page 176

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

Smartpath lwn600cm-1 Smartpath lwn600cm-3 Smartpath lwn602hae Smartpath lwn602ha Smartpath lwn602wa Smartpath lwn600vma ... Show all

Radius Authentication For Vhm Administrators - Black Box SmartPath LWN602A User Manual

11.5 RADIUS Authentication for VHM Administrators

Chapters

Related Manuals for Black Box SmartPath LWN602A

Related Content for Black Box SmartPath LWN602A

This manual is also suitable for:

Table of Contents