Secure Mobile Access 100 10.2 Administration Guide

Group Configuration for Active Directory and RADIUS Domains

For authentication to RADIUS or Active Directory servers (using Kerberos), you can individually define AAA users and groups. This is not required, but it enables you to create separate policies or bookmarks for individual AAA users.

When a user logs in, the SMA appliance validates with the appropriate Active Directory or RADIUS server that the user is authorized to login. If the user is authorized, the SMA appliance checks to see if a user exists in the SMA appliance database for users and groups. If the user is defined, then the policies and bookmarks defined for the user applies.

For example, if you create a RADIUS domain in the SMA appliance called “Miami RADIUS server,” you can add users to groups that are members of the “Miami RADIUS server” domain. These usernames must match the names configured in the RADIUS server. Then, when users log in to the portal, policies, bookmarks, and other user settings applies to the users. If the AAA user does not exist in the SMA appliance, then only the global settings, policies and bookmarks applies to the user.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.