Lantronix 900-510 11: User Authentication

SLB™ Branch Office Manager User Guide 134

11: User Authentication

Users who attempt to log in to the SLB branch office manager by means of Telnet, SSH,

the console port, or one of the device ports are granted access b y one or more

authentication methods.

The User Authentication page provides a submenu of methods (Local User s, NIS, LDAP,

RADIUS, Kerberos, and TACACS+) for authenticating users attempting to log in. Use t his

page to assign the order in which the SLB device will use the methods. By default, local

user authentication is enabled and is the first method the SLB branch off ice manager

uses to authenticate users. If desired, you can disable local user authentication or assign

it a lower precedence.

Note: Regardless of whether local user authentication is enabled, the local user

sysadmin account is always available for login.

Authentication can occur using all methods, in the order of precedence, un til a successful

authentication is obtained, or using only the first authentication m ethod that responds (in

the event that a server is down).

If you have the same user name defined in multiple authentication methods, the result is

unknown.

Example:

There is an LDAP user "joe" and an NIS user "joe" and the order of

authentication methods is:

1 - Local Users

2 - LDAP

3 - NIS

User "joe" tries to log in. Because there is an LDAP user "joe," the SLB branch

office manager tries to authenticate him against his LDAP pass word first. If he

fails to log in, then the SLB device may (or may not) try to authenticate h im

against his NIS "joe" user password.

To enable, disable, and set the precedence of authentication methods:

1. From the main menu, select User Authentication. The following page displays:

Contents

Main SLB Branch Office Manager User Guide Copyright & Trademark Open Source Software Contacts Sales Offices Disclaimer & Revisions Warranty Table of Contents Page Page Page Page List of Figures List of Tables 1: About This Guide Purpose and Audience Chapter Summaries 1: About This Guide SLB Branch Office Manager User Guide 11 Additional Documentation 2: Overview Features Console Management Power Management Outlets for Power Connectivity Ethernet Switch Meets Needs of Branch Offices Typical Equipment Types of Business Benefits Models System Features Protocols Supported Access Control Power Outlet Control Device Port Buffer Configuration Options Application Example Hardware Features The SLB hardware includes the following: Serial Connections Network Connections PC Card Interface 3: Installation Whats in the Box Product Information Label Technical Specifications Physical Installation Connecting to a Device Port Connecting to a Network Port Connecting a Terminal Connecting to a Power Source Connecting Devices to Power Outlets Connecting Devices to the 8-Port Ethernet Switch Typical Installations Page 4: Quick Setup IP Address Method #1 Using the Front Panel Display Before You Begin Front Panel LCD Display and Pushbuttons Navigating Entering the Settings Page Restoring Factory Defaults Method #2 Quick Setup on the Web Page Network Settings 4: Quick Setup SLB Branch Office Manager User Guide 35 Date & Time Settings Page Method #3 Quick Setup on the Command Line Interface 4: Quick Setup After you complete the Quick Setup script, the changes take effect imm ediately. SLB Branch Office Manager User Guide 38 Next Step 5: Web and Command Line Interfaces Web Interface Page Logging in Logging off Web Page Help Command Line Interface Logging in Logging out Command Syntax Command Line Help Tips General CLI Commands 6: Basic Parameters Requirements Eth1 Gateway: D NS: Eth1 and Eth2 Settings 6: Basic Parameters SLB Branch Office Manager User Guide 49 6: Basic Parameters SLB Branch Office Manager User Guide 50 Gateway Hostname & Name Servers Ethernet Counters Network Commands IP Filter Viewing IP Filters Enabling IP Filters Configuring IP Filters Rule Parameters Updating an IP Filter Deleting an IP Filter Mapping a Rule Set IP Filter Commands Routing Dynamic Routing Static Routing Equivalent Routing Commands 7: Services System Logging and Other Services SSH/Telnet/Logging System Logging SSH Telnet 7: Services SLB Branch Office Manager User Guide 63 Audit Log 3. To save, click the Apply button. SMTP Phone Home SNMP Communities Version 3 V3 Read-Only User V3 Read-Write User SNMP, SSH, Telnet, and Logging Commands Page Page NFS and SMB/CIFS NFS Mounts SMB/CIFS Share NFS and SMB/CIFS Commands Secure Lantronix Network Page Page Page Secure Lantronix Network Commands Date and Time Page Date and Time Commands Page 8: Device Ports Connection Methods Permissions Device Status Global Port Settings Telnet/SSH/TCP in Port Numbers Page Global Commands Device Ports Settings Page 8: Device Ports SLB Branch Office Manager User Guide 86 To enter device port settings: 1. Enter the following: IP Settings 8: Device Ports SLB Branch Office Manager User Guide 87 Data Settings 8: Device Ports SLB Branch Office Manager User Guide 88 Hardware Signal Triggers Modem Settings Note: Depending on the State and Mode you select, different fields are available. Modem Settings: Text Mode Modem Settings: PPP Mode Port Status and Counters Device Ports SLP Power Manager SLP Status/Info SLP Commands Device Port Sensorsoft Device Device Port Commands Page Device Commands Interacting with a Device Port Device Ports Logging Local Logging NFS File Logging PC Card Logging Email/SNMP Notification Sylog Logging Local Logging Email/SNMP Traps NFS File Logging PC Card Logging Syslog Logging Logging Commands Console Port Console Port Commands Power Outlets 8: Device Ports SLB Branch Office Manager User Guide 107 2. Enter the following: 3. View or enter the following information for each outlet: Power Outlet Commands Host Lists Page Page Host Parameters Host List Commands Page 9: PC Cards Storage Settings Page Page Data Settings ISDN Settings GSM/GPRS Settings 9: PC Cards SLB Branch Office Manager User Guide 120 Text Mode PPP Mode IP Settings PC Card Commands PC Card Modem Commands Page 10: Connections Typical Setup Scenarios for the SLB Device Terminal Server Remote Access Server Reverse Terminal Server Multiport Device Server Console Server Page Connection Configuration Page Connection Commands Page Page 11: User Authentication 11: User Authentication SLB Branch Office Manager User Guide 135 Authentication Commands Local and Remote Users Local User Passwords Local/Remote User Settings Page Page 11: User Authentication SLB Branch Office Manager User Guide 141 4. Click the Apply button. Shortcut Local Users Commands Local User Rights Commands Remote User Commands NIS Page 11: User Authentication SLB Branch Office Manager User Guide 147 3. In the User Rights section, select the user group to which NIS users will belong: 4. Select or clear the checkboxes for the following rights: NIS Commands LDAP Page 11: User Authentication 3. In the User Rights section, select the user group to which LDAP users will belong: SLB Branch Office Manager User Guide 151 11: User Authentication SLB Branch Office Manager User Guide 152 4. Select or clear the checkboxes for the following rights: 5. Click the Apply button. Note: You must reboot the unit before your changes will take effect. LDAP Commands RADIUS Page 11: User Authentication SLB Branch Office Manager User Guide 156 4. Select or clear the checkboxes for the following rights: RADIUS Commands Kerberos Page 11: User Authentication SLB Branch Office Manager User Guide 160 KDC IP Address Enter the IP address of the Key Distribution Center (KDC). 4. Select or clear the checkboxes for the following rights: 3. In the User Rights section, select the user group to which Kerberos users will belong. Page Kerberos Commands TACACS+ 11: User Authentication SLB Branch Office Manager User Guide 164 2. Enter the following: 3. In the User Rights section, select the user group to which TACACS+ users will belong. 11: User Authentication SLB Branch Office Manager User Guide 165 4. Select or clear the checkboxes for the following rights: 5. Click the Apply button. Note: You must reboot the unit before your changes will take effect. TACACS+ Commands SSH Keys Imported Keys Exported Keys Imported Keys (SSH In) 11: User Authentication SLB Branch Office Manager User Guide 169 Host & Login for Import Exported Keys (SSH Out) Page Page SSH Commands Page Custom User Menus Custom User Menu Commands Page 11: User Authentication SLB Branch Office Manager User Guide 176 Example The system administrator creates two custom user menus, with menu1 having a nested menu (menu2): 11: User Authentication SLB Branch Office Manager User Guide 177 The system administrator 4 configures local user 'john' to use custom menu 'menu1': Page 12: Maintenance and Operation SLB Maintenance General SLB Firmware Boot Banks FTP/TFTP/SFTP Configuration Management Page Firmware & Configurations Web Sessions Firmware & Configurations SSL Certificate Page iGoogle Gadgets Administrative Commands Page Page System Logs Page Page System Log Command Audit Log Diagnostics Page 12: Maintenance and Operation 3. Click the Run Diagnostics button. The Diagnostics report page displays. SLB Branch Office Manager User Guide 196 Page Diagnostic Commands Status/Reports View Report Page Status Commands Events Page Events Commands Page 13: Application Examples Telnet/SSH to a Remote Device Dial-in (Text Mode) to a Remote Device Page Local Serial Connection to Network Device via Telnet Page 14: Command Reference Introduction to Commands Command Syntax Command Line Help Tips Administrative Commands Page Page Page Page Page Audit Log Commands Authentication Commands Kerberos Commands LDAP Commands Local Users Commands Page Page NIS Commands RADIUS Commands TACACS+ Commands User Permissions Commands Page Page CLI Commands Connection Commands Description connect direct Syntax Parameters Description Page Console Port Commands Custom User Menu Commands Date and Time Commands Device Commands Description Device Port Commands set deviceport port Syntax Example: Parameters Page Page Diagnostic Commands Page End Device Commands Events Commands Host List Commands IP Filter Commands Description Logging Commands set deviceport port Syntax Parameters Network Commands Page NFS and SMB/CIFS Commands Page PC Card Storage Commands PC Card Modem Commands pccard modem Syntax Parameters Power Commands Routing Commands Services Commands set services Syntax Parameters SLB Network Commands SSH Key Commands Page Status Commands System Log Commands Page A: Bootloader Accessing the Bootloader Bootload Commands User Commands Administrator Commands B: Security Considerations Security Practice Factors Affecting Security C: Safety Information Safety Precautions Cover Power Plug Input Supply Fuses Rack Port Connections D: Adapters and Pinouts RJ45 DB25 Male RJ45 DB25 Female RJ45 DB9 Male RJ45 DB9 Female Page E: Protocol Glossary Page Page F: Compliance Information Page F: Compliance Information SLB Branch Office Manager User Guide 280 Hexavalent Chromium (Cr (VI)) Cadmium (Cd)