Home > User Interface > Tools > Authentication Tools
|
Menu path: Tools.> Authentication Tools.
The following authentication tools are available:
The RADIUS authentication tool queries a defined RADIUS authentication source for a specific User Name and Password. The authentication source must be a RADIUS source defined through the use of the RADIUS configuration page. Select the name of the authentication source, fill in a User Name and Password, and then press the TEST button to start the tool.
<!!! Screen shot to be supplied !!!>
The authentication test tool tests a User Name and Password against an authentication source, including LDAP, RADIUS, Active Directory, and SAML. Select from the available and applicable Authentication Sources, enter a User Name and Password, and then press the TEST button. If a valid password for the use is not available, any text can be used; the authentication test will still perform most of the authentication steps.
Example 1 - Successful
Authentication Source:\xA0A3AD
Username:\xA0++++
Password:\xA0****
Response:
Testing authentication for "++++"
--------------------------------------------------------------------------------
Authentication Source 'A3AD' Configuration:
cache_match: 0
read_timeout: 10
basedn: cn=users,dc=a3-demo,dc=local
monitor: 1
dynamic_routing_module: AuthModule
shuffle: 0
id: A3AD
scope: sub
email_attribute: mail
unique: 0
usernameattribute: sAMAccountName
connection_timeout: 5
binddn: cn=administrator,cn=users,dc=a3-demo,dc=local
encryption: none
port: 389
description: AD in A3 Lab
host: 10.5.1.4
write_timeout: 5
class: internal
type: AD
\xA0
Authenticating against 'A3AD' in context 'admin'
Authentication SUCCEEDED against A3AD (Authentication successful.)
Matched against A3AD for 'authentication' rules
set_role : Employee
set_access_duration : 1h
Did not match against A3AD for 'administration' rules
\xA0
Authenticating against 'A3AD' in context 'portal'
Authentication SUCCEEDED against A3AD (Authentication successful.)
Matched against A3AD for 'authentication' rules
set_role : Employee
set_access_duration : 1h
Did not match against A3AD for 'administration' rules
\xA0
Total testing time: 2.208669 seconds.
Example 2 - User Does Not Exist
Authentication Source:\xA0A3AD
Username:\xA0++++@ddd.com
Password:\xA0****
Response:
Testing authentication for "++++@ddd.com"
--------------------------------------------------------------------------------
Authentication Source 'A3AD' Configuration:
cache_match: 0
read_timeout: 10
basedn: cn=users,dc=a3-demo,dc=local
monitor: 1
dynamic_routing_module: AuthModule
shuffle: 0
id: A3AD
scope: sub
email_attribute: mail
unique: 0
usernameattribute: sAMAccountName
connection_timeout: 5
binddn: cn=administrator,cn=users,dc=a3-demo,dc=local
encryption: none
port: 389
description: AD in A3 Lab
host: 10.5.1.4
write_timeout: 5
class: internal
type: AD
\xA0
Authenticating against 'A3AD' in context 'admin'
Authentication FAILED against A3AD (Invalid login or password)
Did not match against A3AD for 'authentication' rules
Did not match against A3AD for 'administration' rules
\xA0
Authenticating against 'A3AD' in context 'portal'
Authentication SUCCEEDED against A3AD (Authentication successful.)
Matched against A3AD for 'authentication' rules
set_role : Employee
set_access_duration : 1h
Did not match against A3AD for 'administration' rules
Example 3 - Failed, bad password
Authentication Source:\xA0A3AD
Username:\xA0andrew
Password:\xA0****
Response:
Testing authentication for "andrew"
--------------------------------------------------------------------------------
Authentication Source 'A3AD' Configuration:
cache_match: 0
read_timeout: 10
basedn: cn=users,dc=a3-demo,dc=local
monitor: 1
dynamic_routing_module: AuthModule
shuffle: 0
id: A3AD
scope: sub
email_attribute: mail
unique: 0
usernameattribute: sAMAccountName
connection_timeout: 5
binddn: cn=administrator,cn=users,dc=a3-demo,dc=local
encryption: none
port: 389
description: AD in A3 Lab
host: 10.5.1.4
write_timeout: 5
class: internal
type: AD
\xA0
Authenticating against 'A3AD' in context 'admin'
Authentication FAILED against A3AD (Invalid login or password)
Did not match against A3AD for 'authentication' rules
Did not match against A3AD for 'administration' rules
\xA0
Authenticating against 'A3AD' in context 'portal'
Authentication FAILED against A3AD (Invalid login or password)
Did not match against A3AD for 'authentication' rules
Did not match against A3AD for 'administration' rules
\xA0
Total testing time: 2.200176 seconds.
The NTLM (NT LAN Manager) Authentication test tool tests a User Name and Password against an Active Directory server. Select from the available and applicable Authentication Sources, enter a User Name and Password, and then press the TEST button to start the tool.
NTLM authentication tests return one of three possible responses:
The LDAP Browser tool queries a defined LDAP authentication source for a specific Attribute Name and Value. The authentication source must be an LDAP source defined through the use of the LDAP configuration page. Select the name of the authentication source, fill in a Attribute Name and Value, and then press the LDAP Browse button to start the tool. The contents of the LDAP directory for the values matching the attribute name will be displayed.
This option, if selected, allows EAP user authentication against the local users repository.
Copyright © 2023 Extreme Networks. All rights reserved. Published March 28, 2023.