Wireless Access

Reply
Frequent Contributor II
Posts: 109
Registered: ‎01-01-2012

bypass enable mode password for user group

hi

 

can we bypass enable mode authentication on controller for particular set of users or a single user..

 

-Harshad

Guru Elite
Posts: 8,340
Registered: ‎09-08-2010

Re: bypass enable mode password for user group

Bypass enable is a global command.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Aruba
Posts: 1,643
Registered: ‎04-13-2009

Re: bypass enable mode password for user group

If you use an external RADIUS server for the users, you can return the Aruba VSA:  Aruba-Priv-Admin-User.   Just return any integer; I usually just use 1.  This will put the user in enable mode by default without having to bypass enable globally.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Frequent Contributor II
Posts: 109
Registered: ‎01-01-2012

Re: bypass enable mode password for user group

 

for this attribute to work do I need to put any server derived rule..

 

also can we do it for user created in controller internal database??

 

 

Aruba
Posts: 1,643
Registered: ‎04-13-2009

Re: bypass enable mode password for user group

No, you should not have to define it in the server derived rules.

No, the VSA needs to be returned from RADIUS; there is no equivalent option for an internal user, VSA or otherwise.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Search Airheads
Showing results for 
Search instead for 
Did you mean: