Managing Users and Groups contents.gifprev1.gifnext1.gif

Managing Users and Groups

wingate200000000.gif

Additional users and groups can only be administered in WinGate 2.1 Pro. WinGate 2.1 Lite does not allow addition or deletion of User or Group records.

WinGate can log individual user data. To do this you must create individual users, and set their access rights. This process is very similar to user administration in Windows NT.

When WinGate is first installed, or if the user database is lost, WinGate will create a basic database with the built-in users and groups.

Administrator

This user can not be deleted. When WinGate is installed the Administrator account has no password, but they must set a password immediately. Initial administration can only be done on the WinGate machine. This user has full control over all WinGate functions. Qbik recommend that this account is only used for an initial setup, and as a backup account for the system administrator.

Guest

The guest account has no default password and cannot be deleted. Guest is the account that all unknown users access by default. You can give any rights to the Guest user, but by default, users with Guest privileges only have rights to access services, but no configuration rights.

User assumptions

These are an easy way to log user activity without requiring users to authenticate with WinGate. You can set up assumptions based on machine name or IP number, so when a user connects from a known computer, they are assumed to be a given user.

It is not mandatory to add further users. For small WinGate installations, you may decide that no one needs to be tracked individually.

Some considerations

You have the options to implement any of these policies plus many more at your discretion:

wingate200090000.gif Allow administration only on WinGate machine, or predetermined machines

wingate200090000.gif Require authentication or not

wingate200090000.gif Have separate accounts for all administrators

wingate200090000.gif Require authentication, but have shared user accounts (eg per class, see below)

wingate200090000.gif Accounting to monitor access levels

wingate200090000.gif Groups per company division

wingate200090000.gif Accounting per person

wingate200090000.gif allow guest access or not

Setting up individual users or groups is so simple that most people with this feature will choose to do so.

Remember these points:

wingate200090000.gif If someone is accessing WinGate services from an unknown location (i.e. no location entry) without authenticating, they will be user Guest

wingate200090000.gif You can set rules per group, so make use of groups as they save you set up time

wingate200090000.gif Individual WinGate Users can belong to several Groups

wingate200090000.gif Accounting does not have to be enforced (i.e. charged), but it is useful to see who uses the Internet the most. You can also stipulate that someones account balance be positive.

wingate200090000.gif A shared user account is very useful. Setting up one or more user accounts that can be used by different people is a way of tracking the usage of a group. This is most likely to be used in schools, where a whole class can use one user account (e.g. Room4). A tutor can have an individual account, but be in the same group and an Admin group. This way you can monitor the group usage and wont have to setup so many accounts.

wingate200090000.gif Assumptions can save people logging in. If certain machines are only ever used by one person, then give them an assumption and they wont have to log in!

wingate200090000.gif If you setup your bindings in a secure way, your network cant be accessed from outside. You may decide you dont require clients to log in.