User Management
672
SonicOS Enhanced 4.0 Administrator Guide
When using RADIUS or LDAP authentication, if you want to keep the configuration of
administrative users local to the appliance whilst having those users authenticated by RADIUS/
LDAP, perform these steps:
Step 1 Navigate to the Users > Settings page.
Step 2 Select either the RADIUS + Local Users or LDAP + Local Users authentication method.
Step 3 Clic k the Configure button.
Step 4 For RADIUS, click on the RADIUS Users tab and select the Local configuration only radio
button and ensure that the Memberships can be set locally by duplicating RADIUS user
names checkbox is checked.
Step 5 For LDAP, click on the LDAP Users tab and select the User group membership can be set
locally by duplicating LDAP user names checkbox.
Step 6 Then create local user accounts with the user names of the administrative users (note no
passwords need be set here) and add them to the relevant administrator user groups.
Preempting Administrators
When an administrator attempts to log in while another administrator is logged in, the following
message is displayed. The message displays the current administrator’s user name, IP
address, phone number (if it can be retrieved from LDAP), and whether the administrator is
logged in using the GUI or CLI.
This window gives you three options:
Continue - Preempts the current administrator. The current administrator is dropped to
non-config mode and you are given full administrator access.
Non-config - You are logged into the appliance in non-config mode. The current
administrator’s session is not disturbed.
Cancel - Returns to the authentication screen.