External User Authentication
Users who belong to the external domain user group are
authenticated outside of
OCSDM by an external
domain server. You can select either a RADIUS domain server or Active Directory
(AD) domain controller:
- A RADIUS server provides centralized Authentication, Authorization, and Auditing/Accounting (AAA) security protocol management for users who connect and use a network service.
- An AD domain controller provides a directory service in a Windows domain type network using Lightweight Directory Access Protocol (LDAP) versions 2 and 3, Microsoft's version of Kerberos, and DNS.
An external domain user group must be mapped to an internal (local) user group in OCSDM so that this external domain user group and its users inherit the authorization privileges that are specific to the local user group.
Note:
Internal and external users are both supported simultaneously. However, external users do not have corresponding stored user records or username and password information.