Users and groups
A user is an individual who needs access to resources on your network, and a group is a collection of users. After
you’ve created users or groups on the appliance, you can reference them in an access control rule to permit or
deny access to resources.
Users and groups can be stored on an external authentication server or on the appliance in a local user
authentication repository. When an external authentication server, such as LDAP or Microsoft Active Directory,
is being used, you create references to existing users or groups stored in that server. These users or groups, as
well as local users and groups, are referenced in access control rules to control authorization. You can even
query the external directory (looking for users who share certain attributes, for example) and use the results to
create a group to use in an access control rule. This is useful when you do not want to create and manage users
directly on the appliance.
Creating local users and groups on the appliance is useful to allow external users to access a set of internal
company resources, such as a reseller who needs access to a special order status page on an internal system. For
deployments without an existing company-wide directory server in place, the local user authentication
repository allows group-based policy without the need to install, configure, and maintain another server.
You can define a user or group before referencing it in an access control rule; alternatively, you can define a new
user or group directly from the access control rule interface.
Was This Article Helpful?
Help us to improve our support portal