Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[STRM/ SA] External Authentication support

0

0

Article ID: KB18202 KB Last Updated: 30 Oct 2019Version: 3.0
Summary:

This article discusses the things that need to be considered when implementing external authentication, such as Radius or LDAP.

Solution:

Consider the following points when using external authentication:

  • Only one server is supported: There is only the ability to configure a single external authentication server, and there is not have an option for a backup server.
  • Users in the "admin" group will fall back to local authentication if the external server is not available. In this case, you will need to disable external authentication until the problem is resolved. To do this, perform the following:
    • Login as the "admin" user (using the admin user/password)
    • Assign the admin user account passwords
    • Once the problem is resolved, then re-enable external authentication.
  • User accounts must be created in JSA. Users in the external service who are not in JSA will not be able to login.
  • Time discrepancies will cause failed logins. JSA should be configured to use the same time source as the external authentication server.

 


If you are having issues with external authentication, turn on extended debugging as follows:

  1. Edit the file /store/configservices/staging/globalconfig/login.conf.
  2. Find the line "debug=false" and change this to "debug=true".
  3. From the Admin tab in the web UI, deploy changes.  Debugging information will then be sent to the file /var/log/qradar.log.
  4. When complete, disable the debugging, and deploy again.
Modification History:
2019-10-29: Minor, non-technical edits.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search