Configuring user authentication
You can configure authentication and authorization for users of the system.
The system supports both local users and remote users who are authenticated to the system through a remote authentication service. You can create local users who can access the system. These user types are defined based on the administrative privileges that they have on the system. Local users must provide either a password, a Secure Shell (SSH) key, or both. Local users are authenticated through the authentication methods that are configured on the system. If the local user needs access to the management GUI, a password is needed for the user. If the user requires access to the command-line interface (CLI) through SSH, either a password or a valid SSH key file is necessary. Local users must be part of a user group that is defined on the system. User groups define roles that authorize the users within that group to a specific set of operations on the system.
A remote user is authenticated on a remote service with Lightweight Directory Access Protocol (LDAPv3) support. A remote user does not need to be added to the list of users on the system, although they can be added to configure optional SSH keys. Remote users cannot access the system when the remote service is down. In that case, a local user account must be used until the remote service is restored. Remote users have their groups defined by the remote authentication service.
To configure remote authentication with Lightweight Directory Access Protocol, select .