beautypg.com

11 managing access users, Access users and platform users – H3C Technologies H3C Intelligent Management Center User Manual

Page 179

background image

161

11 Managing access users

Access users and platform users

Users configured in the IMC platform are referred to as platform users, and are not related to any services.

The term "user" refers to an access user, unless otherwise specified.
An access user:

Is used for network access only.

Identifies a network user.

Is attached to a platform user. Multiple access users can be attached to the same platform user.

An office network typically contains a large number of users that need to access the Internet. In some

cases, one user may need multiple different access privileges.
In UAM, you use the user + service mode to apply for multiple services for the same user, where each

service contains one or more access scenarios that map to different access conditions and access control
policies. With the user + Access Service, different access policies can apply to the same user who meets

different access conditions.
IMC UAM offers a unified user management platform that classifies access users into ordinary access

users, mute terminal users, LDAP users, and guests.

Ordinary access user—Endpoint users that have long-term requirements on network access with the
user data stored in UAM.

Mute terminal user—Endpoints that cannot actively initiate authentication, such as IP phones and
printers.

LDAP user—Endpoint users that have long-term requirements on network access with the user data
stored in UAM and the LDAP server.

Guest—Endpoint users that have temporary network access requirements.

Table 17 Support of different users for functions

Function

Ordinary

access user

Mute terminal

user

LDAP user

Guest

User data storage location

UAM

UAM

UAM and LDAP
server

UAM

Batch

operations Yes Yes Yes No

Authentication function

802.1X authentication

Yes

No

Yes

Yes

Portal authentication

Yes

No

Yes

Yes

VPN authentication

Yes

No

Yes

Yes

MAC authentication
*The username must be in the
MAC address format.

Yes*

Yes Yes*

Yes*

See also other documents in the category H3C Technologies Safety: