SonicWALL TZ 180 Humidifier User Manual


 
User Management
602
SonicOS Enhanced 4.0 Administrator Guide
Using RADIUS for Authentication
Remote Authentication Dial In User Service (RADIUS) is a protocol used by SonicWALL
security appliances to authenticate users who are attempting to access the network. The
RADIUS server contains a database with user information, and checks a user’s credentials
using authentication schemes such as Password Authentication Protocol (PAP), Challenge-
handshake authentication protocol (CHAP), Microsoft CHAP (MSCHAP), or MSCHAPv2.
Figure 52:3 RADIUS User Group Authentication Flow Diagram
While RADIUS is very different from LDAP, it does provide a long list of attributes for each
entry, including the user name, password, and domain. RADIUS can store information for
thousands of users, and is a good choice for user authentication purposes when many users
need access to the network.
Using LDAP / Active Directory / eDirectory Authentication
Lightweight Directory Access Protocol (LDAP) defines a directory services structure for storing
and managing information about elements in your network, such as user accounts, user
groups, hosts, and servers. Several different standards exist that use LDAP to manage user
account, group, and permissions. Some are proprietary systems like Microsoft Active Directory
which you can manage using LDAP. Some are open standards SAMBA, which are
implementations of the LDAP standards. Some are proprietary systems like Novell eDirectory
which provide an LDAP API for managing the user repository information.
,QWHUQHW
02/
5SER
7ORKSTATION
2!$)533ERVER
5SERATTEMPTSTOACCESSTHEWEB
3.7,REQUIRESAUTHENTICATIONOFTHE5SER
REDIRECTSWORKSTATIONTOAUTHENTICATE
5SERAUTHENTICATESWITHCREDENTIALS
3ONIC7!,,REQUESTSINFORMATIONFROM2!$)53
3ERVERABOUT5SER
2!$)533ERVERRESPONDSWITH5SER'ROUP
-EMBERSHIPINFORMATION
2!$)53'ROUP-EMBERSHIPISCOMPAREDAGAINST
3ONIC7!,,'ROUP-EMBERSHIPFORACCESSINGPRIVILEGES
3.7,AUTHORIZESORDENIESACCESSBASEDON5SERPRIVILEGES