ArubaOS and Controllers

Reply
Occasional Contributor II
Posts: 22
Registered: ‎12-11-2009

Radius MGMT authentication shared role

We would like to deploy radius authentication to all of our controllers. Is there away to make certain users have read-only and guest-provisioning, or is it one or the other. I would like certain users to be root and other users to just add guests and have read-only.
Guru Elite
Posts: 20,348
Registered: ‎03-29-2007

Radius Attributes

On your radius server, you have to write a rule that if a user is in group "a", send back a radius attribute that says "guest-provisioning". You would then write a rule in the Management Authentication server group that says if we see that radius attribute with "guest-provisioning", put that user in the "guest provisioning" role.

Please check the thread here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=1510 to see how one person is doing this. There is also a document in the thread here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=704


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 22
Registered: ‎12-11-2009

Re: Radius MGMT authentication shared role

i get that part but i would like a single signon for someone to be able to do guest provisioning and read-only acccess. Is that possible? For example if John authenticates to radius he is let into the controller with both guest-provisioning abilities and read-only access. I would rather not have 2 seperate accounts for provisioning and read-only
Guru Elite
Posts: 20,348
Registered: ‎03-29-2007

Cannot

No, it is either/or, not both.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: