5-1
v1.0, September 2009
Chapter 5
Managing Users, Groups, and Authentication
This chapter describes how to manage users, groups, and authentication on the STM. This chapter
contains the following sections:
•
“About Users, Groups, and Domains
on this page.
•
“Configuring Groups” on page 5-2
.
•
“Configuring User Accounts” on page 5-7
.
•
“Configuring Authentication” on page 5-9
.
•
“Global User Settings” on page 5-24
.
•
“Viewing and Logging Out Active Users” on page 5-26
.
About Users, Groups, and Domains
Users can be individual users or can be part of a group, and a group is generally part of a domain.
Normally, you first create a domain, then you create a group that you assign to a domain, and then
you create users that you assign to a group. The STM does not let you create domains; the local
groups that you define are automatically assigned to the STM’s prosecuredomain default domain.
However, you can use existing LDAP and RADIUS domains on the STM.
The main purpose for using groups and domains is to apply exceptions (that is, adding or removing
restrictions) for Web browsing, URL access, and application access (see
“Setting Web Access
Exception Rules” on page 4-50
).
The STM supports both unauthenticated and authenticated users:
•
Unauthenticated users
. Anonymous users who do not log in to the STM and to which the
STM’s default e-mail and Web access policies apply.
Note:
For information about a different type of users—those with administrative and
guest privileges—see
“About Users with Administrative and Guest Privileges” on
page 3-9
.
DRAFT