Managing User Accounts
The Devicescape Reference AP includes user management capabilities for controlling client access to access points.
User management and authentication must always be used in conjunction with the following two security modes, which require use of a RADIUS server for user authentication and management.
You have the option of using either the internal RADIUS server embedded in the Devicescape Reference AP or an external RADIUS server that you provide. If you use the embedded RADIUS server, use this Administration Web page on the access point to set up and manage user accounts. If you are using an external RADIUS server, you will need to set up and manage user accounts on the Administrative interface for that server.
On the User Management page, you can create, edit, remove, and view client user accounts. Each user account consists of a user name and password. The set of users specified here represent approved clients that can log in and use one or more access points to access local and possibly external networks via your wireless network.
|
Note
|
Users specified here are clients of the access point(s) who use the APs as a connectivity hub, not administrators of the wireless network. Only those with the administrator username and password and knowledge of the administration URL can log in as an administrator and view or modify configuration settings.
|
The following topics are covered:
Navigating to User Management for Clustered Access Points
To set up or modify user accounts, click the User Management tab.
Viewing User Accounts
User accounts are shown at the top of the screen under "User Accounts". The Username, Real name and Status (enabled or disabled) of the user are shown. You make modifications to an existing user account by first selecting the checkbox next to a user name and then choosing an action. (See Editing a User Account.)
Adding a User
To create a new user, do the following:
- Under "Add a User", provide information in the following fields.
|
Field
|
Description
|
|
Username
|
Provide a username.
Usernames are alphanumeric strings of up to 237 characters. Do not use special characters or spaces.
|
|
Real name
|
For information purposes, provide the user's full name.
There is a 256 character limit on real names.
|
|
Password
|
Specify a password for this user.
Passwords are alphanumeric strings of up to 256 characters. Do not use special characters or spaces.
|
- When you have filled in the fields, click Add Account to add the account.
The new user is then displayed in "User Accounts". The user account is enabled by default when you first create it.
|
Note
|
A limit of 100 user accounts per access point is imposed by the Administration user interface. Network usage may impose a more practical limit, depending upon the demand from each user.
|
Editing a User Account
Once you have created a user account, it is displayed under "User Accounts" at the top of the User Management Administration Web page. To make modifications to an existing user account, first click the checkbox next to the username so that the box is checked.
Then, choose an action such as Edit, Enable, Disable, or Remove.
Enabling and Disabling User Accounts
A user account must be enabled for the user to log on as a client and use the access point.
You can enable or disable any user account. With this feature, you can maintain a set of user accounts and authorize or prevent users from accessing the network without having to remove or re-create accounts. This can come in handy in situations where users have an occasional need to access the network. For example, contractors who do work for your company on an intermittent but regular basis might need network access for 3 months at a time, then be off for 3 months, and back on for another assignment. You can enable and disable these user accounts as needed, and control access as appropriate.
Enabling a User Account
To enable a user account, click the checkbox next to the username and click Enable.
A user with an account that is enabled can log on to the wireless access points in your network as a client.
Disabling a User Account
To disable a user account, click the checkbox next to the username and click Disable.
A user with an account that is disabled cannot log on to the wireless access points in your network as a client. However, the user remains in the database and can be enabled later as needed.
Removing a User Account
To remove a user account, click the checkbox next to the username and click Remove.
If you think you might want to add this user back in at a later date, you might consider disabling the user rather than removing the account altogether.
Backing Up and Restoring a User Database
You can save a copy of the current set of user accounts to a backup configuration file. The backup file can be used at a later date to restore the user accounts on the AP to the previously saved configuration.
Backing Up the User Database
To create a backup copy of the user accounts for this access point:
- Click the backup or restore the user database link.
A File Download or Open dialog is displayed.
- Choose the Save option on this first dialog.
This brings up a file browser.
- Use the file browser to navigate to the directory where you want to save the file, and click OK to save the file.
You can keep the default file name (wirelessUsers.ubk) or rename the backup file, but be sure to save the file with a .ubk extension.
Restoring a User Database from a Backup File
To restore a user database from a backup file:
- Select the backup configuration file you want to use, either by typing the full path and file name in the Restore field or click Browse and select the file.
(Only those files that were created with the User Database Backup function and saved as .ubk backup configuration files are valid to use with Restore; for example, wirelessUsers.ubk.)
- Click the Restore button.
When the backup restore process is complete, a message is shown to indicate that the user database has been successfully restored. (This process is not time-consuming; the restore should complete almost immediately.)
- Click the User Management tab to see the restored user accounts.
