DWS-1008 User’s Manual
D-Link Systems, Inc.
Conguring AAA for Administrative and Local Access
2. To enforce the use of console authentication via the local database, type the following
command:
DWS-1008# set authentication console * local
Caution: If you type this command before you have created a local username and password,
you can lock yourself out of the DWS-1008 switch. Before entering this command, you must
congure a local username and password.
3 To store this conguration into nonvolatile memory, type the following command:
DWS-1008# save cong
success: configuration saved.
By default, no authentication is required at the console. If you have previously required
authentication and have decided not to require it (during testing, for example), type the
following command to configure the console so that it does not require username and
password authentication:
DWS-1008# set authentication console * none
Customizing AAA with “Globs” and Groups
“Globbing” lets you classify users by username or media access control (MAC) address for
different AAA treatments. A user glob is a string, possibly containing wildcards, for matching
AAA and IEEE 802.1X authentication methods to a user or set of users. The switch supports
the following wildcard characters for user globs:
• Single asterisk (*) matches the characters in a username up to but not including a
separator character, which can be an at (@) sign or a period (.).
• Double asterisk (**) matches all usernames.
In a similar fashion, MAC address globs match authentication methods to a MAC address or
set of MAC addresses.
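The following Python sketch is an added example, not code from the manual or from D-Link. It applies the two wildcard rules above to a constructed list of usernames so you can see which accounts a set of user globs leaves unmatched. It assumes that matching is case-sensitive and that a double asterisk inside a longer glob also spans separator characters; the manual states only that ** matches all usernames.

```python
import re

SEPARATORS = "@."  # separator characters named in the manual text


def glob_to_regex(glob):
    """Translate a user glob into a regular expression for whole-name matching."""
    parts = []
    i = 0
    while i < len(glob):
        if glob.startswith("**", i):
            # Assumption: ** spans separators wherever it appears in the glob.
            parts.append(".*")
            i += 2
        elif glob[i] == "*":
            # Single asterisk: any run of characters that stops at @ or .
            parts.append("[^" + re.escape(SEPARATORS) + "]*")
            i += 1
        else:
            parts.append(re.escape(glob[i]))
            i += 1
    return re.compile("".join(parts), re.DOTALL)


def glob_matches(glob, username):
    """True if the whole username is matched by the user glob."""
    return glob_to_regex(glob).fullmatch(username) is not None


def uncovered(globs, usernames):
    """Usernames that none of the given globs match."""
    return [u for u in usernames
            if not any(glob_matches(g, u) for g in globs)]


# Constructed sample usernames (not taken from the manual).
USERS = ["admin", "jsmith@example.com", "ops.team", "guest@lab.example.com"]

if __name__ == "__main__":
    for g in ["*", "*@example.com", "*@*.com", "**"]:
        print(f"{g:15} -> {[u for u in USERS if glob_matches(g, u)]}")
    print("not covered by * and *@example.com:",
          uncovered(["*", "*@example.com"], USERS))
```

Under the single-asterisk rule, a glob of * matches admin but not ops.team or jsmith@example.com, so check any username that contains a separator against the globs you rely on.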
Note. The authentication method none you can specify for administrative access is different
from the fallthru authentication type None, which applies only to network access. The
authentication method none allows access to the switch by an administrator. The fallthru
authentication type None denies access to a network user.
A user group is a named collection of users or MAC addresses sharing a common
authorization policy. For example, you might group all users on the first floor of building 17 into
the group bldg-17-1st-floor, or group all users in the IT group into the group infotech-people.
Individual user entries override group entries if they both configure the same attribute.