03-04-2017 08:30 AM - edited 03-04-2017 11:35 AM
Does anybody have any experience with Brocade NOS switches authenticating and authorising using ClearPass? We are attempting to do this but are struggling with the authorisation. We are using TACACS for this. We see the Brocade switch send both service=shell and brcd-role*, but despite ClearPass being configured to return priv-lvl 15 and the brcd-role 'admin', the latter does not get returned, only the 'priv-lvl 15'. As the 'admin' role is not returned, the default 'user' role is assumed and the user cannot edit the switch configuration.
Just wondering if anybody else has experienced this and if they managed to get this working?
03-05-2017 12:15 PM
I found out that the asterisk (*) sent with the brcd-role indicates that this is an 'optional' parameter that ClearPass doesn't need to respond to. However, we have defined 'brcd-role' as a valid attribute with a configured string 'admin', yet ClearPass is not sending this back to the switch. It is only sending back the priv-lvl 15?
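
An added example, not part of the thread or of any vendor's code: a small parser for a TACACS+ authorization REPLY body (layout and `=`/`*` separators per RFC 8907) that lists the AV pairs the server actually returned and reports which expected ones are absent. It assumes the body has already been de-obfuscated; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Authorization REPLY status codes from RFC 8907, section 6.2.
STATUS = {0x01: "PASS_ADD", 0x02: "PASS_REPL", 0x10: "FAIL",
          0x11: "ERROR", 0x21: "FOLLOW"}

def split_av(arg):
    """Split 'name=value' (mandatory) or 'name*value' (optional) at the first separator."""
    for i, ch in enumerate(arg):
        if ch in "=*":
            return arg[:i], arg[i + 1:], ch == "="
    raise ValueError(f"no separator in AV pair: {arg!r}")

def parse_author_reply(body):
    """Parse a de-obfuscated authorization REPLY body into (status, AV pairs)."""
    if len(body) < 6:
        raise ValueError("body shorter than the fixed 6-byte header")
    status, arg_cnt, msg_len, data_len = struct.unpack("!BBHH", body[:6])
    arg_lens = body[6:6 + arg_cnt]          # one length byte per argument
    offset = 6 + arg_cnt + msg_len + data_len  # skip server_msg and data
    if len(arg_lens) != arg_cnt or offset + sum(arg_lens) > len(body):
        raise ValueError("truncated authorization REPLY body")
    pairs = []
    for n in arg_lens:
        pairs.append(split_av(body[offset:offset + n].decode("ascii")))
        offset += n
    return STATUS.get(status, hex(status)), pairs

def missing_attrs(pairs, expected):
    """Names from `expected` that were not returned with the expected value."""
    returned = {name: value for name, value, _ in pairs}
    return sorted(k for k, v in expected.items() if returned.get(k) != v)

def build_reply(status, args):
    """Build a sample REPLY body (empty server_msg and data) for testing the parser."""
    enc = [a.encode("ascii") for a in args]
    header = struct.pack("!BBHH", status, len(enc), 0, 0)
    return header + bytes(map(len, enc)) + b"".join(enc)

# Constructed sample matching the symptom described: only priv-lvl comes back.
SAMPLE = build_reply(0x01, ["priv-lvl=15"])
EXPECTED = {"priv-lvl": "15", "brcd-role": "admin"}

if __name__ == "__main__":
    status, pairs = parse_author_reply(SAMPLE)
    print(status, pairs, "missing:", missing_attrs(pairs, EXPECTED))
```
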