User guide
48 DOMINION KX USER GUIDE
Relationship between Users and Group Entries
You may want to organize users in your device into groups. Assigning users to groups saves time by
allowing you to manage permissions for all users in a group at once, instead of managing permissions on a
user-by-user basis.
User information helps in authenticating users accessing your KX unit. Upon successful authentication,
the device uses Group information to determine the user’s permissions – which server ports are accessible,
whether rebooting the unit is allowed, and other features.
You may choose not to associate specific users with groups. In this case, the KX unit classifies the user as
“Individual.”
The user list on the left side of the screen displays both User and Group names created for the device. Users
belonging to a Group are nested under their group name.
Mandatory User Groups
Every Dominion KX unit has three default user groups, which cannot be deleted:
ADMIN User group for original, factory-default administrative user.
NONE Permissions defined for this group are employed for a user when your Dominion KX is
configured for remote authentication via LDAP or RADIUS (see next section), and a
login attempt is successful but no user group is returned by the remote authentication
server.
UNKNOWN Permissions defined for this group are employed for a user when your Dominion KX is
configured for remote authentication via LDAP or RADIUS (see next section), and a
login attempt is successful but the user group returned by the remote authentication
server is not found in Dominion KX.