Global Device/Setup Authentication Settings vs Device/Setup/Authentication Profile
Hello good afternoon, thank you very much for the usual collaboration.
I have the following doubt, at Global level in Device/Setup Authentication Settings there are parameters such as: Failed Attempts and Lockout Time and also if I create an Authentication profile appears the Account Lockout section, which are also Failed Attempts and Lockout Time settings.
Now that this is clear, if I create a local account called: testadmin01
Then that account, I create it as in Device/Setup/Administrators, I associate it to an Authentication profile ( Local Database ), and in its Account Lockout settings I have configured Failed Attempts with value 3 and Lockout Time: 30 minutes.
But also at a global level, i.e. Device/Setup Authentication Settings I have Failed Attempts configured with value 5 and Lockout Time: 30 minutes.
Based on the above, which settings, which configurations are superimposed over the other ? the global or the custom authentication profile ? Which of the two is valid, which one has real practical validity?
Thank you
I remain attentive
Best regards
The global settings apply if you also configure global authentication. This means you don't create local accounts and assign them an auth profile, but instead you create some admin roles and have your radius/IdP/... return attributes for authorized users so they get a role