Limit Radius user to specific devices/ports
I’m authenticating against RSA , set the groupmemberattr Filter-ID and some auth_radius_groups with different privilege levels. What i could not figure out is how i can limit one Filter-ID to just a specific device or port.
In the GUI it’s possible to configure some Roles, once added they cannot be removed anymore via the GUI?
Thanks, Alex
It’s not currently possible to assign roles based on external authentication attributes.
I looked at doing this for LDAP a while back, but it was a bit of a pain to feed the data through the authentication system as it stands. I’m not sure how the data comes from RADIUS, so I can’t say how feasible it would be.
Adam.
From: observium observium-bounces@observium.org On Behalf Of Joelly, Alexander via observium Sent: 19 November 2020 22:47 To: observium@observium.org Cc: Joelly, Alexander Alexander.Joelly@magna.com Subject: [Observium] Limit Radius user to specific devices/ports
I’m authenticating against RSA , set the groupmemberattr Filter-ID and some auth_radius_groups with different privilege levels. What i could not figure out is how i can limit one Filter-ID to just a specific device or port.
In the GUI it’s possible to configure some Roles, once added they cannot be removed anymore via the GUI?
Thanks, Alex
participants (2)
-
Adam Armstrong -
Joelly, Alexander