https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376623#M920014 <P>As I understand it, you must also define the users in Common Services and set their role there. &nbsp;Unlike (for example) ASA VPN users, who can be authenticated by RADIUS and the RADIUS server will return some attribute(s) if configured this way, CSM apparently does NOT check any such attributes returned, and so basically all you can do is use RADIUS/AD/whatever to "manage passwords." &nbsp;So in our case we have simply listed our NetEng users in Common Services with "XXX" role, and assigned a Default Role for users not so defined in Common Services.</P> Tue, 24 Jun 2014 20:56:26 GMT PAUL TRIVINO 2014-06-24T20:56:26Z https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376622#M920013 <P>Hi everone,</P><P></P><P>I have config CSM 4.4&nbsp; for Radius authentication.</P><P></P><P>From https;//CSM&nbsp; IP address&nbsp; i can log on using Radius authentication fine no issues </P><P></P><P>But when i login from my configuration manager at desktop with radius i get error message</P><P></P><P>You are not allowed to login because your user profile doesn’t have any role associated.</P><P>Please contact CSM admin for configuring proper role.</P><P></P><P>Any ideas what should i do?</P><P></P><P>Regards</P><P></P><P>MAhesh</P> Fri, 21 Feb 2020 13:03:25 GMT https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376622#M920013 mahesh18 2020-02-21T13:03:25Z https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376623#M920014 <P>As I understand it, you must also define the users in Common Services and set their role there. &nbsp;Unlike (for example) ASA VPN users, who can be authenticated by RADIUS and the RADIUS server will return some attribute(s) if configured this way, CSM apparently does NOT check any such attributes returned, and so basically all you can do is use RADIUS/AD/whatever to "manage passwords." &nbsp;So in our case we have simply listed our NetEng users in Common Services with "XXX" role, and assigned a Default Role for users not so defined in Common Services.</P> Tue, 24 Jun 2014 20:56:26 GMT https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376623#M920014 PAUL TRIVINO 2014-06-24T20:56:26Z https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376624#M920015 <P>Hi</P><P>I had the same problem as Mahesh. I went through the role settings several times, I even created a new role and set it to default and I still got the error message when I tried to access the CSM client using my radius account. The radius server, Windows NPS, was authenticating correctly, no problem there.&nbsp;I could also log into the web GUI for the server using my radius accounts.</P><P>&nbsp;</P><P>The setting that solved it for me was found in the CSM client under Administration - Server Security. Once I ticked "Allow logon for user ids not available in Local User Database" I could log into the CSM client using my radius logins.</P><P>&nbsp;</P><P>Regrards</P><P>Fredrik Hofgren</P> Thu, 19 Feb 2015 08:06:58 GMT https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376624#M920015 hoffa2000 2015-02-19T08:06:58Z https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376625#M920017 <P>&nbsp;</P><P>Hi Fredrik,</P><P>I open Tac case and for this and got it resolved.</P><P>Seems TAC did exactly as what you said.</P><P>&nbsp;</P><P>Regards</P><P>Mahesh</P><P>&nbsp;</P> Sat, 21 Feb 2015 16:20:41 GMT https://community.cisco.com/t5/network-security/unable-to-login-to-csm-config-manager-using-radius/m-p/2376625#M920017 mahesh18 2015-02-21T16:20:41Z