5.7.4. How to use usergroups

How you should name usergroups depends on the way you manage your PSM users.

  • Local users: If you use only local users, create or modify usergroups on the AAA > Group Management page, assign or modify privileges on the AAA > Access Control page, and add users to the groups on the AAA > Local Users or the AAA > Group Management page.

  • LDAP users and LDAP groups: If you manage your users from LDAP, and also have LDAP groups that match the way you want to group your PSM users, create or modify your usergroups on the AAA > Access Control page and ensure that the name of your LDAP group and the PSM usergroup is the same. For example, to make members of the admins LDAP group be able to use PSM, create a usergroup called admins on the AAA > Access Control page and edit the privileges of the group as needed.

    Warning

    A user can belong to a maximum of 10,000 groups, further groups are ignored.

  • RADIUS users and local groups: This is the case when you manage users from RADIUS, but you cannot or do not want to create groups in LDAP. Create your local groups on the AAA > Access Control page, and add your RADIUS users to these groups on the AAA > Group Management page.