Configuring Roles » History » Version 3

« Previous - Version 3/10 (diff) - Next » - Current version
Luke Murphey, 08/12/2012 06:26 AM

Configuring Roles¶

By default, successfully authenticated users are assigned the "user" role. However, this can be overridden by creating a vendor specific attribute. The attribute should contain a string containing a colon or comma separated list of roles (like "admin:can_delete"). Re-run setup on the RADIUS auth app and configure the app to use the vendor code and vendor attribute ID you defined.

Below are instructions for configuring IAS:

Open the IAS MMC Snap-In¶

Start the "mmc"

Open the Remote Access Policy¶

Selected "Remote Access Policies" and open the appropriate policy.

Create a New Attribute¶

Create a new attribute with a value of "Vendor-Specific" and a vendor of "RADIUS Standard".

Select a format of string and set the value to a colon separated list of roles.

The created attribute should look something like this:

Edit_attribute.png View (7.88 KB) Luke Murphey, 05/15/2012 06:34 AM

Edit_profile.png View (13.5 KB) Luke Murphey, 05/15/2012 06:34 AM

Select_attribute.png View (31.7 KB) Luke Murphey, 05/15/2012 06:34 AM

Select_policy.png View (20.6 KB) Luke Murphey, 05/15/2012 06:34 AM

Open_mmc_snap_in.png View (14.9 KB) Luke Murphey, 05/15/2012 06:35 AM

Set_vendor_code.png View (8 KB) Luke Murphey, 08/12/2012 06:40 AM

List_attributes.png View (8.35 KB) Luke Murphey, 08/12/2012 06:44 AM

Project

General

Profile

Splunk Apps » RADIUS Authentication

Wiki