Situations when Metasys system login screen appears for RADIUS users - Metasys - LIT-1201528 - General System Information - Metasys System - 10.1

Security Administrator System Technical Bulletin

Product name
Metasys System
Document type
Technical Bulletin
Document number
Revision date

The following situations produce the Metasys system login screen for RADIUS users.

  • when you log out of the Metasys Site Management Portal UI (either manually or when a user session ends)
  • if RADIUS user authentication fails for any reason
  • when you are logged in to the Windows OS with a RADIUS user account that is not privileged within the Metasys system
  • if the RADIUS server is unavailable
  • when you are logged in to the Windows OS using a local Windows account and not a RADIUS user account
  • when access to RADIUS server is restricted at login time through a RADIUS user time sheet (known as Logon Hours) or access is restricted to the Metasys system through the Metasys time sheet. RADIUS server Logon Hours takes precedence, so if you are restricted from operating system access, but not restricted by a Metasys time sheet, access to the Metasys system as a RADIUS user is not granted.
  • if your RADIUS user account is enabled, but overridden to disabled with the Metasys Access Suspended property within Metasys Security Administration User Properties
  • if you log in to a Metasys device
  • if Metasys authorization fails for any reason, such as when a user without System Configuration Tool permissions attempts to log in to SCT

When the Metasys Site Management Portal UI login window appears, and the site has RADIUS authentication enabled, RADIUS appears in the Login to field.

Figure 1. Metasys Login Screen with RADIUS Server Domain List

From this screen, you have the following options:

  • Enter a RADIUS username and password, and click RADIUS in the drop-down list.
  • Enter a RADIUS username in the form of domain\username and a RADIUS password. (The Login to drop-down list becomes disabled.)
Note: Usernames are obscured at login for RADIUS accounts. After login, usernames are partially obscured (for example, JSmith appears as JSm***).

The user credentials are strongly encrypted before being transmitted over the network for authentication. These credentials are active for the entire Metasys Site Management Portal UI session until you log out (or the user session terminates).

If the Metasys Device Manager has not fully started, and you try to log in to the Metasys server, a runtime status error occurs and the Metasys login screen appears. In this case, the Metasys login screen does not display the RADIUS server domain drop-down list and you are not able to log in as a RADIUS user.

To log in as a RADIUS user, you must close the login screen, wait a few moments for the Metasys Device Manager to fully start, then navigate again to the Metasys server. If you remain at the login screen following the startup error and do not close it, then log in with a Metasys local user account. All RADIUS menu options and functions are unavailable. To restore RADIUS options and functions, you must close the browser and navigate to the Metasys server again, then specify your RADIUS user credentials.