The User Management module is designed for managing users and their access to the Network Configuration Manager application, and to the networks. Under User Management you can:
-
Define external authentication services, such as TACACS+, RADIUS and LDAP
-
Create users and set their authentication preferences
-
Manage users and groups
-
Create group assignments
-
Establish default network permissions for users and groups
-
Create permission policies to associate protected resources (such as networks and devices) with users and groups
-
Lock and unlock user accounts
-
Change passwords for users in the Network Configuration Manager native registry
-
Work with NCM RSA Services and RSA Tokens
Network Configuration Manager user security is segmented into two components:
-
Authentication services , providing login access to the application itself
-
Authorization services , which allows access to networks and devices managed by Network Configuration Manager
Authentication is provided via an external TACACS+ or Radius server, or through the Network Configuration Manager Native Registry. When creating user access to the application, you must first designate how they are authenticated during login; either via one of the external mechanisms, or via the application's native registry. No account passwords are required for external user authentication, as Network Configuration Manager passes the user credentials to an external authentication server.
Access to different networks, devices, and modules in Network Configuration Manager is handled by a robust, secure authorization system. Users and groups can be given default permissions that apply to all networks , or each network can be provided with a set of permission overrides. Global device overrides can also be granted to users and groups for the purpose of managing individual devices.
For more information on setting up authentication mechanisms in Network Configuration Manager, see External Authentication Serve r and Native Registry.
The User Management module allows the following functions to be completed:
Manage System Users
Manage System Groups
Manage Permissions