Dell PowerConnect W Clearpass 100 Software 3.9 Deployment Guide - Page 170
Configuring Authorization for External Authentication Servers
View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 170 highlights
Configuring Authorization for External Authentication Servers The level of authorized access an authenticated user can have is controlled by the external authentication server's authorization method. To configure a server's authorization method, use the options under the Authorization heading of the RADIUS server's Edit Authentication form. For more information about authorization methods, including examples, see "About Authorization Methods in External Authentication Servers" in this chapter. No authorization-Authenticate only may be used to remove all RADIUS attributes not related to authentication. . The RADIUS server will return an Access-Accept or Access-Reject message indicating the result of the authentication attempt. Use the common name of the client certificate to match a local user account may be specified for users authenticated via EAP-TLS on a client's local certificate server. The RADIUS server will return an Access-Accept or Access-Reject message indicating the result of the authentication attempt. Use attributes from Proxy RADIUS server may be used with a Proxy RADIUS external authentication server. The RADIUS server passes through the Access-Accept or Access-Reject message from the proxy server, as well as all RADIUS attributes returned by the proxy server. Use this option when authorization is performed entirely by the proxy RADIUS server. Assign a fixed user role may be used to map all users authenticated by an external authentication server into a single RADIUS user role. The RADIUS server will return an Access-Reject message if the user authentication fails. If the authentication is successful, the user is authorized using the specified role. The RADIUS server will return an Access-Reject message if the authorization fails. The RADIUS server will return an Access-Accept message that includes the corresponding attributes from the user role if the authentication and authorization steps are both successful. 170 | RADIUS Services ClearPass Guest 3.9 | Deployment Guide