01-15-2010 11:33 AM
When we configure authentication realm, in authentication server tab, there is a option "additional authentication server". Here What is the difference b/w:
username is specified by user on sign-in page OR predefined as <USER>
password is specified by user on sign-in page OR predefined as <PASSWORD>
01-19-2010 09:22 AM
This is for using a two authentication servers. If you use the predefined value shown <USER>... then the SA box will pass the value given on the login page to the second auth server. If you click the "specified" button the user must key in a value.
Hope that makes sense.
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador
Juniper Elite Reseller
J-Partner Service Specialist - Implementation
If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
02-03-2010 10:22 PM
Also remember that <USER> is the DOMAIN\USERNAME, and <USERNAME> is USERNAME.
Depending on your default Win2k8 configuration using <USER> in SSO can compensate for lazy NTadmins.
Of course it's also helpful in a multi-domain network.
+1 678 373 4200 x125
JNCIA-ER (expired), JNCIA-SSL (ditto)
02-19-2010 10:50 PM
The option pre-defined as <USER> , <USERNAME>, or <PASSWORD> means that those fields are determined from the primary authentication
The option "specified by user" means that the user will have to manually enter the username/password.
What this effectively means is you as the admin control the number of prompts the users see. If the usernames are identical between primary and secondary, you can use <USER> so that users only have to manually enter the password