Reset Search
 

 

Article

KB23131 - Role mapping based on group membership using Radius Auth Server

« Go Back

Information

 
Last Modified Date8/2/2015 10:17 PM
Synopsis
This article provides information on how to configure Role mapping, which is based on group membership, when the authentication is through the Radius server.
Problem or Goal
How to configure Role mapping on PCS/PPS, which is based on group membership, when the authentication is through the Radius server.
Cause
Solution
Note: The Network Policy Server is used for this example; but any Radius server of similar capabilities can be used.
 
  1. Create one network policy per group.
     



    Two policies have been created; one for the Admins domain and the other for the Users domain.
 
  1. Add the respective group to the Network Policy:
     

 
  1. Add the Filter-Id attribute with a unique String value per group.




    The Filter-Id value 1 and 2 is set for the Admins and Users domain respectively.
 
  1. Configure the Role Mapping Rule, based on the User attribute, with the exact same Filter-Id attribute value for each group.
     

 
  1. Create a Role mapping rule for each group:

     

 
  1. Login as a user of any specified group and obtain the policy trace:


    User-added image



    In the above policy trace, user has the Filter-Id value as 1and gets mapped to the Admin role.
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255