Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

User Role after MAC Auth

This thread has been viewed 5 times

  • 1.  User Role after MAC Auth

    Posted Mar 30, 2016 01:32 PM

    Hi:

    I'm working with mac auth in a test environment using the controller's internal database.

    Even though I've set a "MAC Authentication Default Role" in the aaa profile, the role that gets assigned to the user is coming from the user entry in the internal database.

     

    Is there a way to have the aaa proflie's MAC auth default role be assigned?

     

    There does not seem to be a way to delete the internal database role in the GUI.

     

    Thanks,

    Tony

     



  • 2.  RE: User Role after MAC Auth
    Best Answer

    EMPLOYEE
    Posted Mar 30, 2016 01:42 PM

    If you are using the server-group "default" or "internal" it would have a derivation rule as below. 

     

    aaa server-group "default"
    auth-server Internal
    set role condition role value-of

    Try deleting the rule or create a different server-group that doesn't have the derivation rule. 



  • 3.  RE: User Role after MAC Auth

    Posted Mar 30, 2016 02:02 PM

    Thank you.

    Yes, the default server group was in use.

    I had forgotten about that.

    All is well with a shiny, new server group!

    Thank you!