2 configuring device user authentication – H3C Technologies H3C Intelligent Management Center User Manual

7

2 Configuring device user authentication

TAM supports the following login methods:

•

Telnet

•

Console

•

SSH

•

FTP

TAM supports the following authentication and authorization methods:

•

TAM local authentication and authorization—The device to which a user wants to log in sends the
user account name and password to TAM. TAM authenticates the user to allow or deny the user

login. If the user is permitted to log in to the device, TAM performs login authorization and

command authorization for the user.

•

LDAP authentication and TAM local authorization—The device to which a user wants to log in

sends the user account name and password to the TAM server, which then sends the information to
the LDAP server for authentication. The LDAP server sends the authentication result to the TAM server.

TAM permits or denies the user login according to the authentication result. If the user is permitted

to log in to the device, TAM performs login authorization and command authorization for the user.

A login method and an authentication-authorization method work together to implement user
authentication and authorization. TAM supports authenticating and authorizing users who log in to the

devices through Telnet, console, and SSH.
For device users logging in through FTP, TAM supports only authentication.

Configuring TAM local authentication and
authorization

Configure TAM local authentication and authorization on TAM, the device, and the PC used by the

device user, respectively.

Figure 4

shows the recommended configuration procedure.