What is user management?
Local user management
The NSP uses Keycloak-based OAUTH2 user authentication, which supports locally defined users for NSP access. If the NSP is integrated with NFM-P, you can also import the NFM-P users to the NSP local user database. Remote authentication agents are also supported.
Note: The NSP does not support case-sensitive user names; local and remote user names are saved in lowercase. User name entry at sign-in is case-insensitive.
NSP Users and Security supports up to 5000 users, except where noted.
For all local and remote users, the Users and Security GUI lists information that includes the authentication source, the user creation time, and the most recent login time.
Local user accounts can be used for machine-to-machine interaction, rather than creating user accounts in your corporate user database. They also provide a backup mechanism for cases where NSP cannot communicate with the corporate user database.
Note: The NSP does not support case-sensitive usernames; local and remote usernames are saved in lowercase. Username entry at sign-in is case-insensitive.
Remote user management
NSP supports remote LDAP (including Active Directory), RADIUS, and TACACS authentication servers.
With remote user management, the NSP first attempts to verify login attempts against the local user database. If the user account is not found locally, NSP searches the remote authentication servers (LDAP first, followed by RADIUS or TACACS). If a user account is found in an authentication source (local or remote) but fails the password check, the authentication attempt stops and does not continue to any other authentication sources.
If NSP is configured for remote user authentication with an Active Directory server, the AD users also appear as local accounts in the NSP database. However, AD users are bulk imported to NSP at system startup. The bulk import of AD users into NSP is automatic and cannot be avoided, but customers can manage the scope of the import by defining user and group filters so that only the intended AD users for access to NSP are auto-imported.
Note: NSP Users and Security supports a maximum combined total of 1000 local and remote users when Active Directory is configured.