Manualshelf

User Guide

ManualsBrandsNortel Networks ManualsOther4050
191192193194195196197198199200
Chapter 5 Configuring groups and profiles 193
Nortel Secure Network Access Switch 4050 User Guide
Each group’s data include the following configurable parameters:
linksets
TunnelGuard SRS rule
extended profiles
After the user has been authenticated, the Nortel SNAS 4050 checks the groups
defined for the domain to match the group name returned from the authentication
database. For the duration of the user’s login session, the Nortel SNAS 4050
maintains a record of the group matched to the user.
When the Nortel SNAS 4050 has identified the matching group, it applies group
data to the user as follows:
linksets — All linksets configured for the group of which the user is a member
display on the user’s portal page (see “Linksets” on page 194).
TunnelGuard SRS rule — The TunnelGuard host integrity check uses the
criteria specified in the SRS rule assigned to the group.
extended profiles — The Nortel SNAS 4050 checks the group to identify if
there is an applicable extended profile (see “Extended profiles” on page 195).
For information about configuring a group, see “Configuring groups using the
CLI” on page 198 or “Configuring groups using the SREM” on page 208.
Default group
You can configure a group to be the default group, with limited access rights. If
the group name returned from the authentication database does not match any
group defined on the Nortel SNAS 4050, the Nortel SNAS 4050 will map the user
to the default group.
To create a default group, see “Creating a default group using the CLI” on
page 208 or “Creating a default group using the SREM” on page 230.