Comware

Hi people,

i'm working on some HPE 5945 with Comware 7.1.070 where I should login via RADIUS, where the server is a FortiAuthenticator.

Here is part of my configuration:

#
line class aux
 authentication-mode scheme
 user-role network-admin
#
line class vty 
 user-role network-operator
#
line aux 0 1
 user-role network-admin
#
line vty 0 63
 authentication-mode scheme
 user-role network-admin
 user-role network-op
 user-role network-operator
 protocol inbound ssh
 idle-timeout 30 5
#
 ssh server enable
 ssh user admin service-type stelnet authentication-type password
#
 password-control enable 
 undo password-control aging enable 
 undo password-control length enable 
 undo password-control composition enable 
 undo password-control history enable 
 password-control login-attempt 3 exceed unlock 
 password-control update-interval 0
 password-control login idle-time 0
#
radius enable
#
radius scheme fortiauth
 primary authentication <IP_FORTIAUTH>
 primary accounting <IP_FORTIAUTH>
 key authentication cipher <sharedkey>
 key accounting cipher <sharedkey>
 user-name-format without-domain
#
domain fortiauth
 authentication login radius-scheme fortiauth local
 authorization login radius-scheme fortiauth local
 accounting login radius-scheme fortiauth local
#
domain system
#              
 domain default enable fortiauth
#
 role default-role enable
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#              
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user admin class manage
 service-type telnet ssh terminal
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
local-user <localuser2> class manage
 service-type telnet ssh terminal
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
return

When I login i receive this output:

Taking a look into FortiAuthenticator I see that the login is successful:

There's an error into my configuration?

Should i pass particular attributes from Radius server?

Regards,

Stefano