You can view a list of all local and remote user accounts that have logged into Citrix SD-WAN Center virtual machine at least once. Remote user accounts are authenticated through RADIUS or TACACS+ authentication servers. You can also add a new local user account to Citrix SD-WAN Center.
If a user-account is available on a remote authentication server but is never used to log on to Citrix SD-WAN Center, it is not displayed in the Users list.
To view user accounts
In the SD-WAN Center web interface, navigate to Administration > User/Authentication Settings.
A list of user accounts appears in the Users section.
The following information is displayed:
- Name: The user account name.
Type: The type of user account, it can be one of the following:
- Local: User accounts created and managed locally using the SD-WAN Center interface.
- RADIUS: Remote user accounts authenticated by the RADIUS server.
- TACACS+: Remote user accounts authenticated by the TACACS+ server.
- Level: The account privilege. Admin account has administrative privileges, while a guest account is a read-only account.
- Created: For local user accounts, the date the user account was created. For a remote user account, the date of the first login session.
- Modified: For local user accounts, the date the password was last changed. For remote users, the date of the first login session.
- Last Login: The date the user last successfully logged in. A tooltip displays the IP Address of the device used to log in.
- Last Active: The date the last request was made to the server. A tooltip displays the IP Address of the device used to log in.
Manage: Click the gear icon to view a menu containing the following options:
- Set Password: Change Password for the local user account. The current root password is required to change the root password. You cannot change passwords of remote user accounts.
- Reset: Remove the workspaces and preferences for this user account.
- Delete: Delete the local user account, workspaces, and preferences from SD-WAN Center. You cannot delete remote and admin accounts.
- Enable Two-factor: Enable two-factor authentication for the local and remote user account. For more information, see Two-factor Authentication.
To add a new local user account to the Citrix SD-WAN Center:
The user accounts created locally on Citrix SD-WAN Center do not have the privilege to edit and export the network configuration package to the MCN.
Click the add icon + next to Users. The Add Local User dialog box appears.
Enter values for the following parameters:
- User Name: The username for the local user account.
- Level: The account privilege. A guest user account is a read-only account limited to viewing dashboard, reports, and statistics. The guest user account does not have the privilege to edit and export the network configuration package to the MCN.
- Password: The password for the user account.
- Confirm Password: Reenter the password for confirmation.
Select Enable Two-factor to enable two-factor authentication for the local user account.
The Enable Two-factor option appears only when the secondary authentication server is configured.
Configure a secondary authentication server, either RADIUS, or TACAS+ authentication. Ensure that the user account is configured on the secondary authentication server. For more information, see Secondary authentication.
Click Add. The new user account is created and the account information is added to the Users table.
Citrix SD-WAN Center can have up to 600 local users.