ArubaOS and Controllers

Reply
Occasional Contributor II

Radius MGMT authentication shared role

We would like to deploy radius authentication to all of our controllers. Is there away to make certain users have read-only and guest-provisioning, or is it one or the other. I would like certain users to be root and other users to just add guests and have read-only.
Guru Elite

Radius Attributes

On your radius server, you have to write a rule that if a user is in group "a", send back a radius attribute that says "guest-provisioning". You would then write a rule in the Management Authentication server group that says if we see that radius attribute with "guest-provisioning", put that user in the "guest provisioning" role.

Please check the thread here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=1510 to see how one person is doing this. There is also a document in the thread here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=704


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Radius MGMT authentication shared role

i get that part but i would like a single signon for someone to be able to do guest provisioning and read-only acccess. Is that possible? For example if John authenticates to radius he is let into the controller with both guest-provisioning abilities and read-only access. I would rather not have 2 seperate accounts for provisioning and read-only
Guru Elite

Cannot

No, it is either/or, not both.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: