HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager Software Module Additional 50-node QTY E-LTU

101

102

103

104

105

106

107

108

109

110

103

The Online User Details page appears.

Online user details

 Account Name—Name of the account.

 Username—Real name of the online user.

 Login Name—Username sent by the device to TAM. It is not the username that a device user

entered when logging in to the device. Redundant information exists in the login name. TA M

excludes the redundant information according to predefined rules, and then matches the

simplified login name against the account name and authenticates the device user. Assume the

username a device user entered at login is HP\Jack001. The user is required to use domain opt

for authentication and the TACACS+ scheme in domain opt authentication requires that the

username carry domain, so the username that the device sends to TAM is HP\Jack001@opt.

TAM simplifies the login name to Jack001 according to predefined rules and matches Jack001

against the account name in TAM. The rules for excluding redundant information in a login

name are configured in system parameter configuration. For more information, see

"Configuring system parameters."

 Device User Group—Device user group to which the online user belongs.

 Authorization Policy—Authorization policy that is being used by the online user.

 Device IP—IP address of the device to which the online user logs in.

 User IP Address—IP address of the online user.

 Terminal—Terminal that the online user uses to log in to the device. For example, when a user

Telnets to the device, this field displays VTY 0 through VTY 15. When a user logs in to the

device through the console port, this field displays AUX 0, AUX 1, and so on.

 Login Time—Time when the online user logs in to the device, in the format of YYYY-MM-DD

hh:mm:ss.

 Online Duration (sec.)—Online duration of the user. If the device where the user logs in sends

a Watchdog packet to TAM, TAM updates the online duration of the user accordingly. If the

device does not support sending Watchdog packets to TAM or sending Watchdog packets is

disabled, the online duration of the user is always 0.

4. To return to the online user list, click Back.

Clearing online user information

A device user that has logged out of the device but is displayed as online in TAM is called a halted user.

Halted users can appear in the following cases:

• The device is powered off and rebooted. All online users log out, but the device does not send

offline requests to TAM.

• When a device user logs out, the offline request sent by the device to TAM is lost.

TAM provides the following methods to clear online information about halted users:

• TAM automatically clears the online information about a halted user when the duration that the user

is halted exceeds the predefined time.

The time is controlled by the system parameter Aging Time. For more information about

configuring system parameters, see "Configuring system parameters." When you add or modify a

device in TAM, if you select Not Supported for the Watchdog field, TAM cannot automatically

clear online users that log in to the device. For how to configure a device, see "Configuring a

device."