Extreme AirDefense User Guide

Select the

icon located to the top right of this screen.

The User Group Creation dialog displays.

Use the Select User Type drop-down list to select user type to create.

Access to various features of AirDefense depends on the permissions assigned to the selected user type. The default user type is Operation Center.

In the Group Name field, provide a name for this user group.

This is a mandatory field.

In the Description field, provide a brief description about this user group and its purpose.

This information should enable you to uniquely identify this user group from similar groups.

Use the Select Remote Profile Name drop-down list to select the authentication profile to use. This configuration is defined in the Remote Profile screen. To create a new Authentication Profile, expand the drop-down list and then select the Add New Profile entry in the list.

The All menu item is the only selectable option available within this drop-down list. Support for other items will be enabled in future.

Use the TEST CONNECTION field to test if the connection to the remote server is successful. The following dialog opens.

Provide the correct username and password for testing the remote connection and then select the Test button to test the connection.

The status of this test is indicated within this dialog.

Select the Disable group login control to prevent users belonging to this group from logging into this AirDefense instance.

When a user is authenticated from a RADIUS or LDAP server, and when Group Authentication is enabled, the authentication servers return the group name to which the user belongs. This group name is verified with the local AirDefense groups and if the group is found, the user is allowed access. Use this option to temporarily suspend users belonging to this group from accessing this AirDefense instance.

Select the VIEW ACCOUNT PREFERENCE button to configure additional settings for this new user account.

The USER CREATION window expands to display additional fields.

The following fields are displayed.


Field	Description
Scope Permission	This field sets the scope in the AirDefense network tree where this user account is considered valid. Expand this field and select the scope for this setting.
Functional Role	This field sets the functional roles that can be performed. Expand this field to view and edit the various parameters for this setting.
Account Security	This field sets the user account's security settings. Expand this field to view and edit the various parameters for this setting.
Feature Permissions	This field sets the permissions that can be assigned. Expand this field to view and edit the various parameters for this setting.

Select the Scope Permission label to expand it.

The Scope Permission field displays a selectable network tree for this AirDefense instance.

When you select or unselect any level in this network tree, all sub-levels under the level are selected or unselected respectively. A selected level is indicated by icon. A unselected level is blank.

Use the option control next to each level to include or exclude that level when the user account is considered valid in this AirDefense instance. When a level is selected, the configuration is applied to all its sub-levels. Use the option controls for each level to apply or revoke the user's permission on that level.

Select the Functional Role label to expand it.

The following additional fields are displayed. Select each option to enable or disable that functional role.


Field	Description
Security	When selected, this option grants permission to manage Security alarms. Is enabled by default.
Performance Monitoring Troubleshooting	When selected, this option grants permission to manage alarms that monitor the AirDefense system performance and alarms generated by the troubleshooting features such as AP Test. Is enabled by default.
Platform Monitoring	When selected, this option grants permission to manage alarms that monitor the AirDefense system (platform). Is enabled by default.
Infrastructure Management	When selected, this option grants permission to manage alarms that are generated by the infrastructure management features. Is enabled by default.
Locationing	When selected, this option grants permission to manage alarms triggered by the Location Based Services system. Is enabled by default.

Select the Feature Permissions label to expand it.

Review the FUNCTIONAL AREA and the PERMISSION fields. This area lists all the functional areas of AirDefense and the permission that can be set to view or edit that area. If no permission is granted for that particular functional area, the value NO ACCESS is displayed for it.

Permissions to view and edit particular areas of AirDefense is set based on the permissions configured in the User Profile selected when creating any user or user group.

Select the Customize Permissions control to enable editing these permissions individually. After enabling the Customize Permissions field, select the icon located next to the current permission for the functional area that you wish to modify permissions for. The drop-down expands and lists the available permissions that can be applied to the functional area.

The following permissions can be applied to each functional area.

View: Grants permission to view all screens of the functional area. Editing is not permitted in these screens.
No Access: When selected, access is not granted to this functional area. The menus used to access these functional areas are also not displayed.
View/Edit: Grants permission to view and edit all the screens of the functional area and modify the fields in that area. The permission grants full control over this functional area.

Select the CREATE button located to the top of this dialog to save the newly created user group.

At any point of time, if you wish to exit without creating the user group, select the small X button located to the top left of this dialog.

Add User Group