80 TimeCreator 1000 User’s Guide 097-93100-01 Revision C – February, 2010
Chapter 5 Provisioning
Provisioning Login Authentication
TACACS+ Server
To provision the TACACS+ server IP address and the authentication key for server
access:
1. Login at the Admin level (see Login, on page 74).
2. Type
set authentication tacacs+ address <address>[:<port#>] and
press Enter (address is the server IP address, for example 192.168.0.10, and
the port # is optional).
3. Type
set authentication tacacs+ key <key> and press Enter (key is up to
32 ASCII characters).
4. Type
set authentication tacacs+ state enable and press Enter.
Configuring the RADIUS Server
For a FreeRADIUS server (see http://www.freeradius.org/), configuration requires
placing the TimeCreator 1000 user information in the file "/etc/raddb/users.conf".
For other RADIUS servers, see the appropriate user documentation for information
on how to configure the server. The "Class" attribute from the RADIUS server is
used by the TimeCreator 1000 to indicate the security level for each authorized
user, as described in the Table 5-2 below:.
Listed below are example configurations for the file “/etc/raddb/users.conf” for the
FreeRADIUS server.
Example 1
: “Admin”-Level User
For user "usr_a" with a password of "test1a":
usr_a Auth-Type := Local, User-Password == "test1a"
Class= "15"
Example 2: “Power-User”-Level User
Table 5-2. Security Levels vs. RADIUS Server Class Attribute Settings
TimeCreator 1000
Security Level
RADIUS Server
“Class” Attribute
User 1 - 4
Power-user 5 - 9
Admin 10 - 15
To Next Page
Loading...
Need help?
General
