Dell PowerConnect W-Clearpass 100 Software Guía de usuario Pagina 173
- Pagina / 518
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
ClearPass Guest 3.9 | Deployment Guide RADIUS Services | 173
With authorization method Assign a fixed user role:
Sending Access-Request of id 122 to 127.0.0.1 port 1812
User-Name = "demouser"
User-Password = "XXXXXXXX"
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=122, length=27
Reply-Message = "Guest"
Note that in this case, the RADIUS attribute returned (Reply-Message) corresponds to the user role
selected.
With authorization method Use PHP code to assign a user role (Advanced) – more complex
authorization rules can be implemented to specify which role to assign to an authenticated user.
Authorization can use any of the available properties of the user account, as well as taking into account
other factors such as the time of day, previous usage, and more.
Advanced Authorization — Example 1
This example covers the case where a domain contains several organizational units (OUs), and the users in
each OU are to be mapped to a specific RADIUS role ID.
For example, to implement the following configuration:
OU East should be mapped to RADIUS role ID 4
OU Central should be mapped to RADIUS role ID 5
OU West should be mapped to RADIUS role ID 6
Make sure the following configuration is set:
1. First, ensure that the Base DN for the authentication server is set to the root of the domain – for
example: DC=server,DC=local – rather than the “users” container. This is necessary as the
organizational units are located below the top level of the directory and cannot be searched from the
CN=Users container.
2. Select the authorization method Use PHP code to assign a user role (Advanced) and use the
following code:
if (stripos($user['distinguishedname'],'OU=East')!== false) return 4;
if (stripos($user['distinguishedname'],'OU=Central')!== false) return 5;
if (stripos($user['distinguishedname'],'OU=West')!== false) return 6;
return false;
Explanation: During user authorization, the distinguished name of the user (which will contain the user’s
OU) is checked against the defined rules, and an appropriate role ID is returned. If no match is found, false
is returned, which means that authorization fails and the user’s Access-Request will be rejected.
Information on the stripos function for case-insensitive substring matching can be found at stripos().
Advanced Authorization — Example 2
This example covers the case where users are assigned group memberships, and users in a particular group
are to be mapped to a specific RADIUS role ID.
To determine the appropriate role ID, navigate to RADIUS Services> User Roles and check the ID column for the
appropriate role.
To determine the appropriate role ID, navigate to RADIUS Services> User Roles and check the ID column for the
appropriate role.
- ClearPass Guest 3.9 1
- 1344 Crossman Avenue 2
- Sunnyvale, California 94089 2
- Phone: 408.227.4500 2
- Fax 408.227.4550 2
- Contents 3
- Chapter 1 19
- Documentation Overview 20
- Getting Support 21
- If You Need More Assistance 22
- Chapter 2 23
- Reference Network Diagram 24
- Key Interactions 24
- AAA Framework 25
- Key Features 27
- Table 3 Common Terms 29
- Term Explanation 29
- Deployment Process 30
- Site Preparation Checklist 31
- Chapter 3 33
- VMware ESXi 34
- Console Login 35
- # Option Description 36
- Logging In 37
- Setting the System Hostname 39
- Configuring SNMP Settings 42
- Setup Completion 47
- Chapter 4 49
- Deployment Step Reference 50
- Onboard Feature List 51
- Supported Platforms 51
- Certificate Hierarchy 52
- Re-Provisioning a Device 54
- The ClearPass Onboard Process 58
- Accessing Onboard 64
- <p> 65
- Request page is displayed 75
- Minimum Period of 12 weeks 79
- Maximum Period of 52 weeks 79
- Creating a Certificate 80
- Managing Certificates 82
- Searching for Certificates 83
- Working with Certificates 83
- Requesting a Certificate 87
- Configuring Proxy Settings 102
- Onboard Troubleshooting 111
- Chapter 5 113
- Debug RADIUS Server 114
- Server Configuration 115
- User Roles 117
- Creating a User Role 118
- Adding Role Attributes 119
- Defining Attribute Tags 120
- AccessReject(); 121
- 'default_value'))) 123
- Network Access Servers 124
- Motorola (RFC 3576 support) 126
- Ruckus Networks 126
- Trendnet 126
- Xirrus 126
- Web Logins 128
- Creating a Web Login Page 129
- NAS Redirect Parameters 134
- NAS Login Parameters 135
- Using Web Login Parameters 135
- {$extra_fields.wlan} 136
- Solution Implementation 138
- Database Lists 140
- Dictionary 141
- Import Dictionary 142
- Export Dictionary 142
- Reset Dictionary 142
- Creating a New Vendor 143
- Edit Vendor 143
- Delete Vendor 143
- Export Vendor 143
- Vendor-Specific Attributes 144
- Add Attribute Value 145
- Editing Attribute Value 145
- Deleting Attribute Value 146
- PEAP Sample Configuration 152
- Configuring an LDAP EAS 166
- Chapter 6 179
- Operator Profiles 180
- Customizing Forms and Views 185
- Operator Profile Privileges 186
- Managing Operator Profiles 186
- Local Operator Authentication 187
- Viewing All Operator Logins 188
- LDAP Operator Authentication 190
- Advanced LDAP URL Syntax 193
- Viewing the LDAP Server List 193
- Testing Connectivity 194
- Looking Up Sponsor Names 195
- LDAP Translation Rules 196
- Operator Logins Configuration 200
- Operator Password Options 201
- Automatic Logout 202
- Chapter 7 203
- Sponsored Guest Access 204
- Self Provisioned Guest Access 204
- Creating a Guest Account 205
- Managing Guest Accounts 211
- Importing Guest Accounts 216
- Guest Manager Customization 220
- Verification Properties 225
- Basic User Properties 225
- Account Expiration Types 227
- Standard Fields 228
- Standard Forms and Views 228
- Customization of Fields 229
- Creating a Custom Field 230
- Duplicating a Field 231
- Editing a Field 231
- Deleting a Field 231
- Editing Forms and Views 232
- Duplicating Forms and Views 233
- Editing Forms 233
- Form Field Editor 234
- Form Display Properties 235
- Form Validation Properties 245
- 0 => 1 246
- 1 => 100 246
- Editing Views 252
- View Field Editor 253
- Using a Parent Page 258
- Paying for Access 258
- Editing Receipt Actions 262
- Editing Login Page Properties 267
- Customizing Print Templates 271
- Creating New Print Templates 272
- Print Template Wizard 273
- Create the Print Template 276
- MAC Address Formats 279
- Managing Devices 280
- Activating a Device 283
- Editing a Device 283
- MAC Creation Modes 285
- Add or enable mac 288
- Figure 35 RADIUS Role Editor 291
- Importing MAC Devices 292
- Advanced MAC Features 293
- Active Sessions Management 294
- Session States 295
- Sending Multiple SMS Alerts 301
- SMS Services 302
- Sending an SMS 304
- About SMS Credits 305
- SMS Receipt Options 306
- Customize SMS Receipt 308
- SMS Receipt Fields 309
- SMTP Services 310
- Email Receipt Options 312
- SMTP Receipt Fields 314
- Chapter 8 317
- Running and Managing Reports 318
- Edit a report 319
- Delete a Report 320
- Duplicate a Report 320
- Permissions 320
- Exporting Report Definitions 322
- Importing report Definitions 323
- Resetting Report Definitions 323
- About Custom Reports 324
- 600 * 8) 325
- <?= -date("Z") 326
- Report Type 328
- Report Parameters 329
- Data Source 332
- Select Fields 333
- Source Filters 335
- Classification Groups 337
- Statistics and Metrics 339
- Output Series 342
- Output Series Fields 343
- Output Filters 344
- Presentation Options 346
- Table Presentations 347
- Text Presentations 347
- Creating Reports 348
- Creating the Report – Step 1 349
- Creating the Report – Step 2 349
- Creating Sample Reports 350
- Report Troubleshooting 355
- Troubleshooting Tips 356
- Chapter 9 357
- 1000 Mbit, full duplex 363
- MGT eth0 1 364
- LAN eth1 11 364
- Managing Static Routes 365
- Creating a VLAN Interface 366
- Managing VLAN Interfaces 367
- Active (up) 368
- Active with default gateway 368
- Inactive (down) 368
- Login Access Control 369
- Network Diagnostic Tools 370
- Network Hosts 374
- HTTP Proxy Configuration 375
- SNMP Configuration 375
- Supported MIBs 377
- SMTP Configuration 378
- SSL Certificate 379
- Installing an SSL Certificate 380
- Backup and Restore 383
- Scheduling Automatic Backups 384
- Restoring a Backup 386
- Content Manager 387
- Uploading Content 388
- Security Manager 389
- Performing a Security Audit 390
- Notifications 391
- OS Updates 392
- Plugin Manager 393
- Managing Subscriptions 394
- Viewing Available Plugins 394
- Configuring Plugins 396
- Server Time 399
- 0.pool.ntp.org 400
- 1.pool.ntp.org 400
- 2.pool.ntp.org 400
- System Control 401
- Managing Data Retention 404
- System Information 408
- Adding Disk Space 409
- System Log 411
- Exporting the System Log 412
- Viewing the Application Log 412
- Searching the Application Log 413
- Exporting the Application Log 413
- Chapter 10 415
- Manage Hotspot Sign-up 416
- Hotspot Plans 417
- Modifying an Existing Plan 418
- Creating New Plans 419
- Managing Customer Information 420
- Managing Hotspot Invoice 420
- Customize User Interface 421
- Customize Page One 422
- Customize Page Two 422
- View Hotspot User Interface 424
- Chapter 11 425
- Network Architecture 426
- Deploying an SSL Certificate 427
- Normal Cluster Operation 427
- Failure Detection 427
- Database Replication 427
- Configuration Replication 428
- Primary Node Failure 429
- Secondary Node Failure 429
- Cluster Status 430
- Cluster Setup 431
- Prepare Primary Node 432
- Prepare Secondary Node 434
- Cluster Initialization 434
- Cluster Deployment 435
- Cluster Maintenance 436
- Updating Plugins 438
- Destroying a Cluster 438
- Cluster Troubleshooting 439
- Chapter 12 441
- Standard HTML Styles 442
- Smarty Template Syntax 443
- Comments 444
- Variable Assignment 444
- Conditional Text Blocks 444
- Script Blocks 444
- Repeated Text Blocks 444
- Foreach Text Blocks 445
- Modifiers 445
- Predefined Template Functions 446
- Advanced Developer Reference 450
- {nwa_plugin …} 452
- Date/Time Format Syntax 454
- Format Result 456
- Programmer’s Reference 457
- NwaParseCsv 459
- NwaParseXml 460
- NwaPasswordByComplexity 460
- NwaSmsIsValidPhoneNumber 460
- NwaStrongPassword 460
- NwaVLookup 461
- NwaWordsPassword 461
- GuestManager Standard Fields 461
- Field Description 462
- Hotspot Standard Fields 469
- SMS Services Standard Fields 470
- SMTP Services Standard Fields 470
- Format Picture String Symbols 472
- Function Description 477
- AccessReject() 479
- EnableDebug() 480
- DisableDebug() 480
- GetAttr() 480
- ShowAttr() 480
- MacAddr() 480
- MacEqual() 481
- MacAddrConvert() 481
- GetTraffic() 481
- GetTime() 481
- GetSessions() 482
- GetCallingStationTraffic() 482
- GetUserTraffic() 483
- GetIpAddressTraffic() 483
- GetCallingStationTime() 483
- GetUserTime() 483
- GetIpAddressTime() 483
- GetCallingStationSessions() 484
- GetUserSessions() 484
- GetIpAddressSessions() 484
- GetUserActiveSessions() 484
- GetCurrentSession() 484
- GetUserCurrentSession() 485
- GetIpAddressCurrentSession() 485
- GetUserStationCount() 486
- GetSessionTimeRemaining() 486
- ChangeToRole() 486
- RADIUS Server Options 487
- Value Description 488
- Security Configuration 489
- Proxy Configuration 489
- SNMP Query Configuration 490
- Thread Pool Configuration 490
- EAP Module Configuration 492
- LDAP Module Configuration 495
- Setting Description 496
- Rewrite Module Configuration 498
- Authentication Attributes 499
- Regular Expressions 501
- Regex Matches 502
- Chapter 13 503
- Numerics 507
Relacionado con productos y manuales para Software Dell PowerConnect W-Clearpass 100 Software
Software Dell Thin Client Solutions Manual
(52 paginas)
(52 paginas)
Software Dell Vizioncore Guía de usuario
(180 paginas)
(180 paginas)
Software Dell Networking S6000 Guía de usuario
(151 paginas)
(151 paginas)
Software Dell PowerConnect B-DCX-4s Guía de usuario
(262 paginas)
(262 paginas)
Software Dell Force10 Z9000 Manual de usuario
(601 paginas)
(601 paginas)
Software Dell Networking S6000 Manual de usuario
(986 paginas)
(986 paginas)
Software Dell A02 Guía de usuario
(38 paginas)
(38 paginas)
Software Dell Vizioncore Guía de usuario
(189 paginas)
(189 paginas)
Software Dell V1.2 Manual de usuario
(224 paginas)
(224 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.057 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales