Citrix Systems Network Router NETSCALER 9.3 User Manual
5. In Group Attribute Type, type the value, and click OK twice.
Configuring TACACS+ Authentication
You can configure a TACACS+ server for authentication. Similar to RADIUS
authentication, TACACS+ uses a secret key, an IP address, and the port number. The
default port number is 49. To configure the NetScaler to use a TACACS+ server, provide
the server IP address and the TACACS+ secret. The port needs to be specified only when
the server port number in use is something other than the default port number of 49.
authentication, TACACS+ uses a secret key, an IP address, and the port number. The
default port number is 49. To configure the NetScaler to use a TACACS+ server, provide
the server IP address and the TACACS+ secret. The port needs to be specified only when
the server port number in use is something other than the default port number of 49.
To configure TACACS+ authentication by using the
configuration utility
1. In the navigation pane, expand System, and then click Authentication.
2. On the Policies tab, click Add.
3. In Name, type a name for the policy.
4. In Authentication Type, select TACACS.
5. Next to Server, click New.
6. In Name, type a name for the server.
7. Under Server, type the IP address and port number of the TACACS+ server.
8. Under TACACS server information, in TACACS Key and Confirm TACACS key, type
the key.
9. In Authorization, select ON and click Create.
10. In the Create Authentication Policy dialog box, next to Named Expressions,
select the expression, click Add Expression, click Create, and click Close.
After the TACACS+ server settings are configured on the NetScaler, bind the policy to
the system global entity. For more information about binding authentication policies
globally, see
the system global entity. For more information about binding authentication policies
globally, see
on page
45.
Configuring NT4 Authentication
You can configure the NetScaler appliance to use Windows NT LAN Manager (NTLM)
authentication to authenticate users against the user database on a Windows NT 4.0
domain controller. A Windows NT 4.0 domain controller maintains domain user accounts
in a database on the Windows NT 4.0 server. A domain user account includes a user
name and password and other information about the user.
authentication to authenticate users against the user database on a Windows NT 4.0
domain controller. A Windows NT 4.0 domain controller maintains domain user accounts
in a database on the Windows NT 4.0 server. A domain user account includes a user
name and password and other information about the user.
When a user logs on to the NetScaler, the user enters the user name and password
maintained in the domain user account on the Windows NT 4.0 server. The NetScaler
connects to the Windows NT 4.0 server and passes these credentials to the server. The
server authenticates the user. If you need to configure the NetScaler to authenticate
clients against a Windows NT 4.0 primary or backup domain controller, you need to
specify the server IP address, the domain name, and the domain administrator user
maintained in the domain user account on the Windows NT 4.0 server. The NetScaler
connects to the Windows NT 4.0 server and passes these credentials to the server. The
server authenticates the user. If you need to configure the NetScaler to authenticate
clients against a Windows NT 4.0 primary or backup domain controller, you need to
specify the server IP address, the domain name, and the domain administrator user
Chapter 1
Authentication and Authorization
44