User`s guide
Configuring Groups on LDAP, NTLM, RADIUS, and TACACS+ Authentication Servers
512
AlterPath OnSite Administrator’s and User’s Guide
Configuring Groups on LDAP, NTLM, RADIUS,
and TACACS+ Authentication Servers
This section describes how to configure groups on LDAP, NTLM, RADIUS,
and TACACS+ authentication servers and perform the required configuration
on the OnSite to support group authorizations for these authentication
methods.
On the OnSite, the users and groups must be defined with the same names
used in the authentication servers. See the user configuration procedures
under Table 1-8, “Tasks for Configuring Users,” on page 22.
Configuring Groups for TACACS+
The following list defines the values that must be defined when configuring a
group with TACACS+ authentication.
• The TACACS+ administrator must add each user to a group. To give a
user administrative access, the user must be added to the admin group.
• On the OnSite, the TACACS+ authentication server must be configured
for raw access, in either of the two ways shown in the following table:
T To Configure Groups for TACACS+
Perform this procedure by editing the AA database on the TACACS+ server.
These additions can be made through a GUI. The example shows a declaration
that would need to be added to the AA database if a GUI is not available.
Method Procedure
Web Manager
Follow the procedure in “To Configure a TACACS+
Authentication Server [Expert]” on page 286, making sure to
check the “Enable Raccess Authorization” checkbox.
OnSite Command Line
“Configuring a TACACS+ Authentication Server on the
Command Line” on page 513