Local Users are users stored and managed on the security appliance’s local database. In the
Users > Local Users
page, you can view and manage all local users, add new local users, and edit existing local users.
See the following sections for configuration instructions:
The following global settings can be configured for all local users on the
Users > Local Users
page:
|
|
•
|
Prune account upon expiration
- For a user account that is configured with a limited lifetime, selecting this checkbox causes the user account to be deleted after the lifetime expires. Disable this checkbox to have the account simply be disabled after the lifetime expires. The administrator can then re-enable the account by resetting the account lifetime.
|
You can view all the groups to which a user belongs on the
Users > Local Users
page. Click on the expand icon 
next to a user to view the group memberships for that user.
The three columns to the right of the user’s name list the privileges that the user has. In the
expanded view, it displays which group the user gets each privilege from.
You can add local users to the internal database on the SonicWALL security appliance from the
Users > Local Users
page. To add local users to the database:
|
Step 1
|
Click
Add User
. The Add User
configuration window displays.
|
|
Step 2
|
On the
Settings
tab, type the user name into the Name
field.
|
|
Step 3
|
In the
Password
field, type a password for the user. Passwords are case-sensitive and should consist of a combination of letters and numbers rather than names of family, friends, or pets.
|
|
Step 5
|
Optionally, select the
User must change password
checkbox to force users to change their passwords the first time they login. Select the Require one-time passwords
checkbox to enable this functionality requiring SSL VPN users to submit a system-generated password for two-factor authentication.
|
|
Step 7
|
In the
Account Lifetime
pulldown menu, select Never expires
to make the account permanently. Or select Minutes
, Hours
, or Days
to specify a lifetime after which the user account will either be deleted or disabled.
|
|
|
•
|
If you select a limited lifetime, select the
Prune account upon expiration
checkbox to have the user account deleted after the lifetime expires. Disable this checkbox to have the account simply be disabled after the lifetime expires. The administrator can then re-enable the account by resetting the account lifetime.
|
|
Step 9
|
On the
Groups
tab, under User Groups
, select one or more groups to which the user will belong, and click the arrow button -> to move the group name(s) into the Member of
list. The user will be a member of the selected groups. To remove the user from a group, select the group from the Member of
list, and click the left arrow button <-.
|
|
Step 10
|
The
VPN Access
tab configures which network resources VPN users (either GVC, NetExtender, or Virtual Office bookmarks) can access. On the VPN Access
tab, select one or more networks from the Networks
list and click the right arrow button (->
) to move them to the Access List
column. To remove the user’s access to a network, select the network from the Access List
, and click the left arrow button (<-
).
|
|
|
Note
|
The
VPN access
tab affects the ability of remote clients using GVC, NetExtender, and Virtual Office bookmarks to access network resources. To allow GVC, NetExtender, or Virtual Office users to access a network resource, the network address objects or groups must be added to the “allow” list on the VPN Access
tab.
|
|
Step 11
|
On the
Bookmark
tab, administrators can add, edit, or delete Virtual Office bookmarks for each user who is a member of a related group. For information on configuring SSL VPN bookmarks, see “
Configuring SSL VPN Bookmarks
”
.
|
|
Step 12
|
Click
OK
to complete the user configuration.
|
You can edit local users from the
Users > Local Users
screen. To edit a local user:
in the VPN Access column to view the
network resources to which the user has VPN access.
under Configure to remove the user from 
under Configure to edit the user.
under Configure to delete the user or group in that row.