You configure auth profiles at the users auth-profile level.
To create an auth profile, use the following command:
Admin@UGOS# create users auth-profileProvide the following parameters:
|
Parameter |
Description |
|---|---|
|
name |
Profile name. |
|
description |
Profile description. |
|
mfa |
Specify the multifactor authentication profile (if it is required). An MFA profile you specify must be already created. For more details about creating MFA profiles using CLI, see Configuring MFA (multifactor authentication) profiles. |
|
idle-time |
Idle time before disconnection (in seconds). After the specified time without activity the user's status will change to Unknown user. |
|
expiration-time |
Authorized user time-to-live (in seconds). After the specified time the user's status will change to Unknown user and they will have to authorize again on the Captive portal. |
|
max-attempts |
Max authorization failures through the Captive portal allowed before the user account is locked. |
|
lockout-time |
Time (in seconds) for which the user account is locked if the specified number of max failures is reached. |
|
auth-method |
Authentication method:
|
To update an auth profile settings, use the following command:
Admin@UGOS# set users auth-profile <auth-profile-name>The list of parameters available to update is the same as for the create command.
You can use the command line interface to delete an entire profile or individual authentication methods specified in a profile. To do this, use the following commands.
To delete an authentication profile:
Admin@UGOS# delete users auth-profile <auth-profile-name>To delete authentication methods configured in a profile, you need to specify an authentication method (available methods are listed in the table above):
Admin@UGOS# delete users auth-profile <auth-profile-name> auth-method