WUI Authentication and Authorization Options
- Last Updated: October 14, 2024
- 1 minute read
- LoadMaster
- Multi-Tenant LoadMaster
- Documentation
Parameters relating to WUI Authentication and Authorization Options can be managed using get and set commands.
Example Command
curl -k "https://<Username>:<Password>@<MTIPAddress>/mtaccess/get?param=ldaprevalidateinterval"Available Parameters
|
Name |
Type |
Range |
Description |
|---|---|---|---|
|
ldapbackupserver |
A |
|
Specifies the backup LDAP server for authentication. |
|
ldapsecurity |
I |
0 = Not Encrypted 1 = StartTLS 2 = LDAPS |
Specifies the security mode for LDAP authentication. |
|
ldapserver |
A |
|
Specifies the LDAP server to use for authentication. |
|
ldaprevalidateinterval |
B |
|
Specifies how often to revalidate the authentication to the LDAP server. |
|
radiusbackupport |
I |
3-65535 |
Specifies the TCP port for the backup RADIUS server. |
|
radiusbackupsecret |
S |
|
Specifies the password (secret) to the backup RADIUS server. |
|
radiusbackupserver |
A |
|
Specifies the backup RADIUS server to use for authentication. |
|
radiusport |
I |
3-65535 |
Specifies the TCP port for communication to the RADIUS server. |
|
radiusrevalidateinterval |
I |
10-86400 |
Specifies when to revalidate the authentication to the RADIUS server. |
| radiussendnasid | B |
0 - Disabled 1 - Enabled |
If this parameter is disabled (default), a NAS identifier is not sent to the RADIUS server. If it is enabled, a Network Access Server (NAS) identifier string is sent to the RADIUS server. By default, this is the hostname. Alternatively, if you specify a value in the radiusnasid parameter, this value is used as the NAS identifier. If the NAS identifier cannot be added, the RADIUS access request is still processed. |
| radiusnasid | S |
If the radius_send_nas_id parameter is enabled, the radius_nas_id parameter is relevant. When specified, this value is used as the NAS identifier. Otherwise, the hostname is used as the NAS identifier. If the NAS identifier cannot be added, the RADIUS access request is still processed. This parameter is only relevant if the radiussendnasid parameter is enabled. |
|
|
radiussecret |
S |
|
Specifies the password (secret) to the RADIUS server. |
|
radiusserver |
A |
|
Specifies the RADIUS server to use for authentication. |
|
sessionlocalauth |
B |
|
Enables or disables local authentication. |
|
sessionauthmode |
I |
Refer to the table below |
Specifies the authentication mode for the load balancer.
|
The table below describes the Radius, LDAP and Local user options that are selected depending on the value given to the sessionauthmode parameter
|
|
Radius |
LDAP |
Local |
||
|---|---|---|---|---|---|
|
Value |
Authent. |
Author. |
Authent. |
Authent. |
Author. |
|
7 |
No |
No |
No |
No |
No |
|
263 |
Yes |
No |
No |
Yes |
Yes |
|
775 |
Yes |
Yes |
No |
Yes |
Yes |
|
23 |
No |
No |
Yes |
Yes |
Yes |
|
22 |
No |
No |
Yes |
No |
Yes |
|
788 |
Yes |
Yes |
Yes |
No |
No |
|
790 |
Yes |
Yes |
Yes |
No |
Yes |
|
791 |
Yes |
Yes |
Yes |
Yes |
Yes |
|
789 |
Yes |
Yes |
Yes |
Yes |
No |
|
773 |
Yes |
Yes |
No |
Yes |
No |
|
262 |
Yes |
No |
No |
No |
Yes |
|
774 |
Yes |
Yes |
No |
No |
Yes |
|
772 |
Yes |
Yes |
No |
No |
No |
|
278 |
Yes |
No |
Yes |
No |
No |
|
279 |
Yes |
No |
Yes |
Yes |
Yes |
Example Output
<Response stat="200" code="ok"><Success><Data><ldaprevalidateinterval>60</ldaprevalidateinterval></Data></Success></Response>