| Line 11: | Line 11: | ||
|+ Username / MAC Authentication | |+ Username / MAC Authentication | ||
|- | |- | ||
| − | ! style='width:150px' | + | ! style='width:150px' | Item !! Required !! Description !! remarks |
|- | |- | ||
| − | | Username|| Yes || The multibyte characters(e.g, korean, japaneses) are not allowed. | + | | Username|| Yes || The multibyte characters(e.g, korean, japaneses) are not allowed. || username authentication only |
|- | |- | ||
| − | | Status || Yes || Select "authorized" | + | | Status || Yes || Select "authorized" || |
|- | |- | ||
| − | | | + | | User-Type || Yes || Select a user-type. An external user means that the username and password locates in an external database(normally a customer database). If you select the "external user", you can't set the password because this username is used only for applying additional attributes. |
| + | {{note| If you switch on the RADIUS > Settings > General> [[RADIUS Settings - General | cached user]], the user password will be filled using strong encryption algorithm and this username is also used for authentication.}} || username authentication only. | ||
|- | |- | ||
| − | | Password | + | | Password Type || Yes || It is the encryption method of a password. If a user machine is windows 10, the type must be either the Windows NT hashed passwords or clear-text passwords. || username authentication only |
|- | |- | ||
| − | | | + | | Password<br>Confirm Password|| Yes || Input the password of a username. || username authentication only |
|- | |- | ||
| − | | | + | | MAC Address || Yes || The [[MAC Address]] of a user machine. The address is case-sensitive and also may include delimiters and you can find the format of the MAC address from the [[Accounting]]. || MAC authentication only |
|- | |- | ||
| − | | | + | | Expiration || No || Set the user authentication expiration date. || |
|- | |- | ||
| − | | | + | | User Information || Optional || You can fill out the general user informations. The requirement of this field depends on "Environment > [[Environment | Custom Fields]]". || |
|- | |- | ||
| − | | | + | | Group || No || A group to which the user. || |
| − | |||
| − | |||
| − | | | ||
|- | |- | ||
| − | + | | Additional Attributes || No || You can add more attributes for authentication or reply. You done't need to add additional attributes at this step because they can be added after creating a user. || | |
| − | | | ||
| − | | | ||
| − | |||
| − | |||
| − | | | ||
| − | | | ||
|- | |- | ||
|} | |} | ||
Revision as of 14:18, 28 October 2023
RADIUS > Users
You can add, update, or delete the usernames for the RADIUS authentication.
Create New User
You can add a new user at the top right of the page and can create a user as either a Username authentication or a MAC Address authentication.
The Username authentication stores a User-Name and User-Password and the credentials are validated with the two attributes to authenticate an ACCESS-REQUEST.
The MAC address authentication store a MAC address of a user machine and the credentials are validated with the address. The MAC address type is applied usually in the environment of an open wireless network.
| Item | Required | Description | remarks |
|---|---|---|---|
| Username | Yes | The multibyte characters(e.g, korean, japaneses) are not allowed. | username authentication only |
| Status | Yes | Select "authorized" | |
| User-Type | Yes | Select a user-type. An external user means that the username and password locates in an external database(normally a customer database). If you select the "external user", you can't set the password because this username is used only for applying additional attributes.
If you switch on the RADIUS > Settings > General> cached user, the user password will be filled using strong encryption algorithm and this username is also used for authentication. | |
| Password Type | Yes | It is the encryption method of a password. If a user machine is windows 10, the type must be either the Windows NT hashed passwords or clear-text passwords. | username authentication only |
| Password Confirm Password |
Yes | Input the password of a username. | username authentication only |
| MAC Address | Yes | The MAC Address of a user machine. The address is case-sensitive and also may include delimiters and you can find the format of the MAC address from the Accounting. | MAC authentication only |
| Expiration | No | Set the user authentication expiration date. | |
| User Information | Optional | You can fill out the general user informations. The requirement of this field depends on "Environment > Custom Fields". | |
| Group | No | A group to which the user. | |
| Additional Attributes | No | You can add more attributes for authentication or reply. You done't need to add additional attributes at this step because they can be added after creating a user. |
User Authorization, Updating, and Deleting
A username that was registered from the captive portal page will be added as an un-authorized one. You can authorize it by click the 
icon in front of each row.
Within the same interface, you can also change other information and delete a user.
Additional Attributes
Authentication Attributes
Authentication attributes are pieces of information used in RADIUS authentication in addition to the basic information (User-Name, User-Password). For useful authentication attributes, refer to the Attributes section.
Reply Attributes
Reply attributes refer to the attributes provided to the user after RADIUS authentication. For useful reply attributes, refer to the Attributes section.
Password Reset
You can reset the password of registered users.
When a user's password is reset, the previous password becomes unusable, and a temporary password is issued. The use of such temporary passwords and the password reset feature can be configured in RADIUS > Settings > General > Password Complexity Requirements for RADIUS User-Password. If the password reset feature is inactive (default state), users cannot use the password reset function.
When a password is reset, the user must create a new password using the temporary password on the password change page. For more details, refer to RADIUS > Settings > General > Password Complexity Requirements for RADIUS User-Password.
Passwords for users authenticated based on MAC address or stored in an external database as " cached user" cannot be reset.
Expiration
Users with a specified expiration time that has passed will not be granted authentication (Access-Reject), and this information will not be automatically deleted."