Wireless Access

Reply
DNe
Contributor II
Posts: 39
Registered: ‎07-06-2015

Aruba Internal DB Question

Hi,

i have a Lab running a 3600 and two AP105 with 6.4.x. Now i have created a AP Group with a SSID and that vap_prof uses the internal DB for Users with aaa_prof. So far so fine - If my user exist i become authenticated. Now i wanna configure a Rule set to a new "Role" and i've added the user in the local DB to this role but as the AAA Profile says in the SSID the user become authenticated the role never works. If i change the aaa_prof to my new Role it worked but not only for this user - for all instead. So i dunno currently how to get the interal DB Role running with a AAA profile. Do someone running this scenario ? I've only tested this with Server derivation Rule and a extern Radius which assign the rolename.

 

Thanks for Feedback

ACMP
Guru Elite
Posts: 21,490
Registered: ‎03-29-2007

Re: Aruba Internal DB Question

In your AAA profile, make sure you are using the default server group and that the default server group has the "set role condition..." rule attached to it.  The "set role condition role value-of" is the rule that says, return the role that the internal user has defined.  If you are using a server group without that rule present for authentication, it will only return the default role for that AAA profile.

 

aaa server-group "default"
 auth-server Internal
 set role condition role value-of


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

DNe
Contributor II
Posts: 39
Registered: ‎07-06-2015

Re: Aruba Internal DB Question

Thanks for Feedback. I was using a different profile because i used a wizard before :-) So there was no Rule inside and that was the fault.

 

Many Thanks!

ACMP
Search Airheads
Showing results for 
Search instead for 
Did you mean: