SSL VPN
Reply
Contributor
aeroplane
Posts: 724
Registered: ‎06-30-2009
0

Additional Authentication server?

Hi

 

When we configure authentication realm, in authentication server tab, there is a option "additional authentication server". Here What is the difference b/w:

 

username is specified by user on sign-in page OR predefined as <USER>

password is specified by user on sign-in page OR predefined as <PASSWORD>

 

Thanks

 

Distinguished Expert
muttbarker
Posts: 2,371
Registered: ‎01-29-2008
0

Re: Additional Authentication server?

This is for using a two authentication servers. If you use the predefined value shown <USER>... then the SA box will pass the value given on the login page to the second auth server. If you click the "specified" button the user must key in a value.

 

Hope that makes sense.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Trusted Contributor
stine
Posts: 435
Registered: ‎05-05-2008
0

Re: Additional Authentication server?

Also remember that    <USER>   is the DOMAIN\USERNAME, and    <USERNAME>   is USERNAME.

 

Depending on your default Win2k8 configuration using <USER> in SSO can compensate for lazy NTadmins.

 

Of course it's also helpful in a multi-domain network.

Theodore E Van Iderstine
Stream Networks
+1 678 373 4200 x125
JNCIA-ER (expired), JNCIA-SSL (ditto)
Moderator
zanyterp
Posts: 2,300
Registered: ‎11-19-2007
0

Re: Additional Authentication server?

 

The option pre-defined as <USER> , <USERNAME>, or <PASSWORD> means that those fields are determined from the primary authentication
The option "specified by user" means that the user will have to manually enter the username/password.

What this effectively means is you as the admin control the number of prompts the users see. If the usernames are identical between primary and secondary, you can use <USER> so that users only have to manually enter the password

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.