The controller or service platform also supports multiple RADIUS server definitions as well as fallback to provide authentication in the event of failure. If the primary RADIUS server is unavailable, the controller or service platform authenticates with the next RADIUS sever, as defined in the AAA policy. If a RADIUS server is not reachable, the controller or service platform can fall back to the local database for authentication. If both RADIUS and local authentication services are unavailable, read-only access can be optionally provided.
The controller or service platform authenticates users using the integrated local database. When user credentials are presented the controller or service platform validates the username and password against the local database and assigns permissions based on the associated roles assigned. The controller or service platform can also deny the authentication request if the user is attempting to access a management interface not specified in the account‘s access mode list.
NoteThe management policy administrator role requires to have at least one Superuser.
|Username||The field displays the default name assigned to the administrators upon creation of their account. The name field cannot be modified|
|Password||Password associated with the username|
|Confirm Password||Re-type the password to confirm associated password|
|Access type||Lists the console, SSH, telnet, and web UI access type
assigned to each listed administrator. A single
administrator can have any one or all of these roles
assigned at the same time
|Administrator role||Lists the role assigned to each listed administrator. An
administrator can only be assigned one role at a
|Allowed Location|| Use the allowed location field to specify the
allowed-locations tag. Each allowed-location tag is mapped
to one or multiple locations (RF Domains/sites/tree-node
paths). By specifying an allowed location tag, you are
restricting the user's access to the locations mapped to the
tag. However, in WiNG, this option is only applicable to the
Device Provisioning admin user role
Note: Ensure that the allowed location tag is existing and configured. Use the locations tab on the Management dashboard to create a tag and map it to locations (RF Domains, sites, tree-node paths, etc.) within your managed network. For more information, see Set Location Configuration
|Group||Specify the group to which the user belongs|