Radius Authentication and Authorization on CB 800

– In CB 800 we have many attributes while configuring radius server then compared to CB 600.

User-added image

– Radius server configuration for CB 600 and CB 800 are different.

– In CB 600 it works by returning the below

  • Service-Type=Administrative (Admin rights)
  • Service-Type=login (Red rights)

– But in CB 800 required authorization parameter is “Group-Names”.

Configuration on RADIUS Server :

1. Configure Group Vendor Id: 66 and Group attribute type: 6 [Please check with your Radius Team]

2. Above 2 parameters are required for identification of “Group-Names” attribute.

3. And then for each user, add this “Group-Names”:”<Group1>,<Group2>,…”

Configuration on CB800:

1. Add the Groups needed : Group1, Group2, etc and map them to admin/red only privilege.

2. Configure RADIUS server and configure Group Vendor Id: 66, Group attribute type: 6, Group Separator: “,”.

Note :

1.**Please do NOT use default authorization group parameter, as it will cause all authorizations to be admin access, if you added an admin group name in there.

2. Also we have’t tested with RADIUS WIN2012 in-house.

Related:

  • No Related Posts

Leave a Reply