Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQ
Release Notes
Contents  

Overview of Remote Profiles in Security Director

Remote profiles are used to assign a specific set of roles to users when remote authentication and authorization are enabled in Junos Space. A remote profile is a collection of roles defining the set of functions that a user is allowed to perform.

Junos Space does not create remote profiles by default, and if you want to use remote authentication and authorization, you must create one or more remote profiles. When you create a remote profile, you must specify one or more roles and domains to associate with the remote profile. You can then configure the name of the remote profile for one or more user accounts in the remote authentication servers (RADIUS or TACACS+) that you are using for authentication and authorization. Remote profile names can be configured as a vendor-specific attribute (VSA) in RADIUS servers and as an attribute-value pair (AVP) in TACACS+ servers.

When a remote authentication server successfully authenticates a user session, the server includes the configured remote profile name for that user in the response message that is sent to Junos Space. Junos Space looks up the remote profile based on this name and determines the set of roles for the user. Junos Space then uses this information to control the set of workspaces the user can access and the tasks the user is allowed to perform.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit