Wireless Access

Frequent Contributor I

Aruba Internal DB Question


i have a Lab running a 3600 and two AP105 with 6.4.x. Now i have created a AP Group with a SSID and that vap_prof uses the internal DB for Users with aaa_prof. So far so fine - If my user exist i become authenticated. Now i wanna configure a Rule set to a new "Role" and i've added the user in the local DB to this role but as the AAA Profile says in the SSID the user become authenticated the role never works. If i change the aaa_prof to my new Role it worked but not only for this user - for all instead. So i dunno currently how to get the interal DB Role running with a AAA profile. Do someone running this scenario ? I've only tested this with Server derivation Rule and a extern Radius which assign the rolename.


Thanks for Feedback

Guru Elite

Re: Aruba Internal DB Question

In your AAA profile, make sure you are using the default server group and that the default server group has the "set role condition..." rule attached to it.  The "set role condition role value-of" is the rule that says, return the role that the internal user has defined.  If you are using a server group without that rule present for authentication, it will only return the default role for that AAA profile.


aaa server-group "default"
 auth-server Internal
 set role condition role value-of

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Frequent Contributor I

Re: Aruba Internal DB Question

Thanks for Feedback. I was using a different profile because i used a wizard before :-) So there was no Rule inside and that was the fault.


Many Thanks!

Search Airheads
Showing results for 
Search instead for 
Did you mean: