cancel
Showing results for 
Search instead for 
Did you mean: 

User Realms/Roles/etc.

Highlighted
Occasional Contributor

User Realms/Roles/etc.

We have a demo SA2500 from Juniper and I must be missing something very fundamental here.

We have several users setup in in the system local db.

We have a user realm of: Staff, Techs, Management

The staff realm has role mapping set to "username is *" and it assigns the roles: staff

Staff role has the web access feature enabled, and has 12 bookmarks.


BUT, any user who logs into the VPN doesn't see the bookmarks.

Advice please...

3 REPLIES 3
Highlighted
Contributor

Re: User Realms/Roles/etc.

You should run a Policy Trace to ensure you are getting the roles you think you are and ensure that bookmarks are enabled.

Policy Tracing - First have the user logout of the system.

Go to Maintenance-->Troubleshooting-->Users Sessions-->Policy Tracing. Plug in the username, Realm, and choose the top 3 options (Pre-Authentication, Authentication, Role Mapping) and then click "Start Recording". Once the user logs in go back to Policy Tracing and choose "View Log" and read through to determine if you are getting the role you think you should be getting.

Check the role:

Go to Users-->Users Roles--><pick a role>-->General and make sure there is a checkbook next to "Web".

Highlighted
Super Contributor

Re: User Realms/Roles/etc.

hey Jahmal it is really great to see more juniper participation on these forusm especailly from senior guys like yourself.

Highlighted
Occasional Contributor

Re: User Realms/Roles/etc.

Thank you for the information, though it simply took me waiting and the bookmarks showed up. I would have thought it would have been an instant update.