Configuring Non-local RADIUS Users

To allow non-local users to log in to the 61000/41000 Security System, you must define a default role for all non-local users that are configured on the RADIUS server.

The default role can include a combination of:

  • Administrative (read/write) access to some features
  • Monitoring (read-only) access to other features
  • No access to other features

Syntax

> add rba role radius-group-any domain-type System readonly-features|readwrite-features <list>

Parameter                    Description

readonly-features <list>     Comma-separated list of Gaia features that have read-only permissions in the specified role

readwrite-features <list>    Comma-separated list of Gaia features that have read/write permissions in the specified role

Example

> add rba role radius-group-any domain-type System readonly-features arp

Verification

Connect to the 61000/41000 Security System with a non-local user:

MyLaptop > ssh my_radius_user@my_61k_server

After successful authentication, the user my_radius_user is assigned the role radius-group-any and granted all the privileges defined in that role.
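
Because every non-local RADIUS user receives the radius-group-any role, it is worth reviewing exactly which features that role grants. The following is an added example, not part of the original Check Point page: a small parser for role lines written in the syntax shown above, which reports the read-only and read/write features of the default role and flags write access that is not on an approved list. It assumes the role definitions are available as text lines, that several lines for the same role accumulate, and uses placeholder names (feature_a, feature_b, other-role) in its constructed sample input.

```python
DEFAULT_ROLE = "radius-group-any"  # role name used on this page
KEYWORDS = {"readonly-features": "readonly", "readwrite-features": "readwrite"}

def parse_rba_role(line):
    """Parse one 'add rba role <name> domain-type <type> ...' line, or return None."""
    tokens = line.strip().lstrip("> ").split()
    if len(tokens) < 6 or tokens[:3] != ["add", "rba", "role"] or tokens[4] != "domain-type":
        return None
    role = {"name": tokens[3], "domain": tokens[5],
            "readonly": set(), "readwrite": set(), "unparsed": []}
    rest = tokens[6:]
    i = 0
    while i < len(rest):
        field = KEYWORDS.get(rest[i])
        if field and i + 1 < len(rest):
            role[field].update(f for f in rest[i + 1].split(",") if f)
            i += 2
        else:
            role["unparsed"].append(rest[i])  # keyword not covered by the page's syntax
            i += 1
    return role

def audit_default_role(lines, approved_readwrite=()):
    """Summarise what every non-local RADIUS user is granted by the default role."""
    report = {"defined": False, "readonly": set(), "readwrite": set(), "unparsed": []}
    for role in filter(None, map(parse_rba_role, lines)):
        if role["name"] != DEFAULT_ROLE:
            continue
        report["defined"] = True
        # Assumption: several lines for the same role accumulate their features.
        for key in ("readonly", "readwrite"):
            report[key] |= role[key]
        report["unparsed"] += role["unparsed"]
    # Write access nobody approved: every RADIUS-authenticated user would inherit it.
    report["unapproved_readwrite"] = sorted(report["readwrite"] - set(approved_readwrite))
    # A feature in both lists is ambiguous and worth a manual check.
    report["in_both_lists"] = sorted(report["readonly"] & report["readwrite"])
    return report

# Constructed sample input; feature_a, feature_b and other-role are placeholders.
SAMPLE = [
    "> add rba role radius-group-any domain-type System readonly-features arp",
    "add rba role radius-group-any domain-type System readwrite-features feature_a,feature_b",
    "add rba role other-role domain-type System readwrite-features feature_b",
]

if __name__ == "__main__":
    print(audit_default_role(SAMPLE, approved_readwrite=["feature_a"]))
```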

 
©2014 Check Point Software Technologies Ltd. All rights reserved.