Tripp Lite PDU3VSR6L2130 Owner's Manual for SNMPWEBCARD 9332CE - Page 98

8. Appendix Sample Guest User This entry in the user table defines a sample guest user for PowerAlert: radiusguest Cleartext-Password := "radiusguest" Reply-Message = "Hello, %{User-Name}", TrippLite-Authorization = "default=ro,security=none", TrippLite-Outlet-Realms = "1-10,31", Session-Timeout = 600, Idle-Timeout = 300 Once again, the format remains fairly standard in terms of username, password, Reply-Message and timeout parameters. The shorter idle and session timeout values reflect the limited scope of access. The two major changes are in the TrippLite-Authorization and TrippLite-OutletRealm definitions. The guest user has read-only access to all facilities by default and explicitly has no access to the security realm. This gives the guest the ability to monitor PowerAlert but not change any of the configuration. This is also the only entry with a TrippLite-Outlet-Realm definition. In this case, while the guest can monitor the rest of the system, they have been provided the ability to control individual outlets on devices that support them that fall within the realms of 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 and 31. In this manner, an account can be restricted to only be able to change the state of those specific outlets. Configuring Client Access Once the dictionary and user configurations are in place, the RADIUS server must be configured to allow PowerAlert to send requests and receive responses. This is very specific to the particular RADIUS server involved, so check your documentation carefully. For the FreeRadius server, entries would be added to the clients.conf file following the instructions provided with the sample entries. 98