Using Novell Security Manager
13. In the Proxies tab, open the menu corresponding to the proxy service you wish to use.
14. If User Authentication is not enabled (red status light), click the Enable button.
Authentication Methods: Choose RADIUS from the selection field.
15. Now confirm your settings by clicking on the Add button.
The user authentication using RADIUS is now active.
The IAS service will log every access attempt in the Microsoft Windows NT/2000 Event Log.
In order to prevent the Windows Event Log from overflowing, Novell Security Manager stores RADIUS access information for five minutes. This may mean that changes in the RADIUS database will not be reflected at Novell Security Manager for a few minutes.
Attention:
Novell Security Manager sends queries on UDP port 1812.
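The five-minute caching described above means that an account removed from the RADIUS database can still be accepted at the gateway until its cached entry expires. The following Python model is an added illustration, not Novell Security Manager code; the class and function names, the sample account, and the caching of both accept and reject verdicts are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CACHE_TTL_SECONDS = 300  # five minutes, the retention time stated in the manual


class CachedRadiusAuthenticator:
    """Hypothetical model of a gateway that caches RADIUS verdicts for a fixed TTL."""

    def __init__(self, backend, ttl=CACHE_TTL_SECONDS, clock=time.monotonic):
        self._backend = backend              # callable(user, password) -> bool
        self._ttl = ttl
        self._clock = clock
        self._key = secrets.token_bytes(32)  # per-process key: no raw passwords in the cache
        self._cache = {}                     # credential digest -> (verdict, expires_at)
        self.backend_queries = 0             # how often the RADIUS server was really asked

    def authenticate(self, user, password):
        msg = f"{user}\0{password}".encode()
        digest = hmac.new(self._key, msg, hashlib.sha256).digest()
        entry = self._cache.get(digest)
        if entry is not None and self._clock() < entry[1]:
            return entry[0]                  # cached verdict, possibly stale
        self.backend_queries += 1
        verdict = bool(self._backend(user, password))
        self._cache[digest] = (verdict, self._clock() + self._ttl)
        return verdict


def simulate_revocation():
    """Constructed scenario: the account is deleted from the RADIUS database at t = 61 s."""
    now = [0.0]
    users = {"alice": "s3cret-example"}      # constructed sample account

    def backend(user, password):
        return users.get(user) == password

    gateway = CachedRadiusAuthenticator(backend, clock=lambda: now[0])
    timeline = []
    for t in (0, 30, 61, 299, 300, 301):
        now[0] = float(t)
        if t == 61:
            users.pop("alice", None)         # revoked at the RADIUS server
        accepted = gateway.authenticate("alice", "s3cret-example")
        timeline.append((t, accepted, gateway.backend_queries))
    return timeline


if __name__ == "__main__":
    for row in simulate_revocation():
        print(row)
```

In this model the revoked account is still accepted at 61 s and 299 s and is rejected only from 300 s onward, so a revocation should be treated as effective only after the cache lifetime has passed.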
4.1.7.3. SAM – NT/2000/XP
This authentication method uses an MS Windows NT/2000 Domain Controller or standalone server. Many businesses already use MS Windows NT/2000 networks based on Active Directory.
The advantage of SAM is that it is very easy to configure if the network already has a Primary Domain Controller (PDC) or if a server with a user database is running.
The drawback, however, is that this system does not distinguish between different user groups. You can either allow all users in a SAM database access to a proxy or none of them.
Configuring SAM – NT/2000/XP:
In order to use this authentication method, you will need to have a Microsoft Windows NT or 2000 server on your network that contains the user information. This can be either a Primary Domain Controller (PDC) or a standalone server.
Note that Windows servers have a NetBIOS name (the NT/2000 server name) as well as an IP address.
1. In the System tab, open the User Authentication menu.
2. In the SAM (NT/2000/XP) Server Settings window, click the Enable button next to Status.
PDC Name: Enter the name of the Domain Controller in this entry field.
Since, beginning with Windows 2000, these names are also official DNS names, only names consisting of alphanumeric, minus (-), and period (.) characters are allowed. Other characters, for example %!#_{}, are not allowed.
PDC Address: Enter the IP address of the Domain Controller.
BDC Name: If you have a Backup Domain Controller, enter its name in this entry field. If you do not use a BDC, enter the name of the PDC here.
BDC Address: If you have a Backup Domain Controller, enter its IP address here. If you do not use a BDC, enter the IP address of the PDC here.
NT4 Domain: Enter the name of your MS Windows NT/2000 domain.
Allowed characters are letters of the alphabet, hyphen (-), and underscore (_) characters.
Note:
This is not the Internet domain, as in Company.com, but rather a simple designator, e.g., Intranet. If you are using a standalone server rather than a Domain Controller, enter its NetBIOS name here.
This corresponds to the PDC Name entry.
3. Confirm your settings by clicking Save.
Security Note:
For the Shared Secret only passwords consisting of alphanumeric, minus (-), and period (.) characters are allowed. Other characters, for example %!#_{}, are not allowed.
Security Note:
If you use SAM authentication, make sure to disable the Guest account on your Windows domain. Otherwise all username/password combinations will be accepted as valid.