Radius group Authentication

fijog
Level 1

Hi,

I am trying to find a solution for the following design.

We have over 250 Nortel switches (Baystack 460).

Authentication works fine with ACS 3.2 using RADIUS.

Now I want to do the following,

* I have 2 ADMIN groups

ADMINGP1: To manage 100 switches with admin rights

and the remaining 150 switches with read-only rights.

ADMINGP2: To manage 150 (250 minus 100) switches as admin and the above-mentioned 100 switches as read-only.

How can I do that? In the Groups/RADIUS settings of ACS, if I set Service-Type=Administrative, it gives admin rights to the users in this group on all 250 switches.

Is there a workaround of grouping RADIUS devices and assigning rights to the groups?

Any inputs.

Thanks and Regards,

FG

2 Replies

benhur.p
Level 1

Any update on this?

Hi,

Nope, no updates.

But the possible solution to this would be,

* To group the RADIUS devices, i.e. Network Device Groups (which is possible in ACS)

* Apply RADIUS attributes on the user groups based on the NDG. (Which I understand is not possible in ACS)

Example,

For ADMINGP1 apply Service-Type=Administrative on NDG-Group1

For ADMINGP2 apply Service-Type=NAS Prompt on NDG-Group1

and vice versa on Group2

I don't think the above can be implemented on ACS3.2,

But if the above solution is possible, could someone throw some light on it?

Thanks and Regards,

FG
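
The authorization decision proposed in the reply above, written out as an added example (not part of the original thread and not ACS code). It maps the requesting switch to a Network Device Group and then picks the Service-Type for the user group on that NDG; the subnets, the name NDG-Group2 and the function names are assumptions made for illustration.

```python
import ipaddress

# Service-Type values defined in RFC 2865
SERVICE_TYPE_ADMINISTRATIVE = 6
SERVICE_TYPE_NAS_PROMPT = 7

# Constructed sample data: which management subnets belong to which NDG.
NDG_SUBNETS = {
    "NDG-Group1": [ipaddress.ip_network("10.1.0.0/24")],  # the 100 switches
    "NDG-Group2": [ipaddress.ip_network("10.2.0.0/24")],  # the other 150
}

# (user group, NDG) -> Service-Type, following the thread's proposal.
POLICY = {
    ("ADMINGP1", "NDG-Group1"): SERVICE_TYPE_ADMINISTRATIVE,
    ("ADMINGP1", "NDG-Group2"): SERVICE_TYPE_NAS_PROMPT,
    ("ADMINGP2", "NDG-Group1"): SERVICE_TYPE_NAS_PROMPT,
    ("ADMINGP2", "NDG-Group2"): SERVICE_TYPE_ADMINISTRATIVE,
}


def ndg_for(nas_ip):
    """Return the NDG that contains the switch's address, or None."""
    try:
        addr = ipaddress.ip_address(nas_ip)
    except ValueError:
        return None  # malformed NAS-IP-Address: treat as unknown device
    for ndg, nets in NDG_SUBNETS.items():
        if any(addr in net for net in nets):
            return ndg
    return None


def authorize(user_group, nas_ip):
    """Decide the reply for an already-authenticated user.

    Unknown devices and unmapped groups are rejected instead of
    falling back to a default privilege level.
    """
    service_type = POLICY.get((user_group, ndg_for(nas_ip)))
    if service_type is None:
        return ("Access-Reject", {})
    return ("Access-Accept", {"Service-Type": service_type})
```
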