Chapter 7: User Management1372. On your Active Directory server, create new groups with the samegroup names as in the previous step.3. On your AD server, assign the KX II users to the groups created instep 2.4. From the KX II, enable and configure your AD server properly. SeeImplementing LDAP/LDAPS Remote Authentication (on page132).Important Notes Group Name is case sensitive. The KX II provides the following default groups that cannot bechanged or deleted: Admin and . Verify that your ActiveDirectory server does not use the same group names. If the group information returned from the Active Directory serverdoes not match the KX II group configuration, the KX II automaticallyassigns the group of to users who authenticatesuccessfully. If you use a dialback number, you must enter the following case-sensitive string: msRADIUSCallbackNumber. Based on recommendations from Microsoft, Global Groups with useraccounts should be used, not Domain Local Groups.Implementing RADIUS Remote AuthenticationRemote Authentication Dial-in User Service (RADIUS) is an AAA(authentication, authorization, and accounting) protocol for networkaccess applications.To use the RADIUS authentication protocol:1. Click User Management > Authentication Settings to open theAuthentication Settings page.2. Click the RADIUS radio button to enable the RADIUS section of thepage.3. Click the icon to expand the RADIUS section of the page.4. In the Primary Radius Server and Secondary Radius Server fields,type the IP address of your primary and optional secondary remoteauthentication servers, respectively (up to 256 characters).5. In the Shared Secret fields, type the server secret used forauthentication (up to 128 characters).The shared secret is a character string that must be known by boththe KX II and the RADIUS server to allow them to communicatesecurely. It is essentially a password.6. The Authentication Port default is port is 1812 but can be changedas required.