Manualshelf

User guide

ManualsBrandsAPC Manualsdistribution power transformersPDPB150G6F
81828384858687888990
User Guide InfraStruxure 150kVA Power Distribution Unit 74
Configure the RADIUS Server.
You must configure your RADIUS server to work with the PDU.
For examples of the RADIUS users file with Vendor Specific Attributes (VSAs) and an example of an
entry in the dictionary file on the RADIUS server, see the APC Security Handbook.
1. Add the IP address of the PDU to the RADIUS server client list (file).
2. Users must be configured with Service-Type attributes unless Vendor Specific Attributes (VSAs)
are defined. If no Service-Type attributes are configured, users will have read-only access (on the
Web interface only).
See your RADIUS server documentation for information about the RADIUS users file, and see
the APC Security Handbook for an example.
3. Vendor Specific Attributes (VSAs) can be used instead of the Service-Type attributes provided by
the RADIUS server. VSAs requires a dictionary entry and a RADIUS users file. In the dictionary
file, define the names for the ATTRIBUTE and VALUE keywords, but not for the numeric
values. If you change numeric values, RADIUS authentication and authorization will fail. VSAs
take precedence over standard RADIUS attributes.
Configure a RADIUS server on UNIX
®
with shadow passwords.
If UNIX shadow password files are used (/etc/passwd) with the RADIUS dictionary files, the
following two methods can be used to authenticate users:
If all UNIX users have administrative privileges, add the following to the RADIUS “user” file. To
allow only Device Users, change the APC-Service-Type to
Device.
DEFAULT Auth-Type = System
APC-Service-Type = Admin
Add user names and attributes to the RADIUS “user” file, and verify password against
/etc/passwd. The following example is for users bconners and thawk:
bconners Auth-Type = System
APC-Service-Type = Admin
thawk Auth-Type = System
APC-Service-Type = Device
Supported RADIUS servers.
APC supports FreeRADIUS and Microsoft IAS 2003. Other commonly available RADIUS applications
may work but have not been fully tested by APC.
Inactivity Timeout
Path: Administration > Security > Auto Log Off
Use this option to configure the time (3 minutes by default) that the system waits before logging off an
inactive user. If you change this value, you must log off for the change to take effect.
Note: This timer continues to run if a user closes the browser window without first logging off by
clicking Log Off at the upper right. Because that user is still considered to be logged on, no user of that
account type can log on until the time specified as Minutes of Inactivity expires. For example, with the
default value for Minutes of Inactivity, if a Device User closes the browser window without logging off,
no Device User can log on for 3 minutes.