Security

Has this happened to anyone else ? I upgraded Space to 14.1R2.9 and suddenly no one can login via TACACS. I verified the request is getting to the server but I get an error "No roles assigned for this user". TACACS is not returning Roles so I dont know what the problem is. My local account still works.

Hi,

Seems like with 14.1R2 Tacacs needs to send authorization as well (same profile name as that created within Space), Are you using TACACS just to authenticate with no authorization ? If yes can you configure authorization as well ?

Thanks

Hi, thanks for the reply. I have tried assigning profiles that match the user accounts. Users are also being assigned a role just as they were before, through assignment in Space. I dont know, this seems like a bug to me. I'm also confused why there isnt an LDAP authentication option.

Support has confirmed this is a bug with 14.1R2.9 .

New version needs configuration

- remote prifile in JunosSpace platform

- AVPair on TACACS server "network-management-profiles = your_remote_profile_name"

http://kb.juniper.net/InfoCenter/index?page=content&id=TSB16642

ok, but I'd rather have them restore the functionality they took away. This is a bug in my mind.

Their are some issues with radius / tacacs in version 14R2.9  see the article below

http://kb.juniper.net/InfoCenter/index?page=content&id=TSB16642&cat=&actp=LIST

Patch has been issued to restore previous functionality. Right-click, save target as:

https://download.juniper.net/software/space/patch/14.1R2-hotpatch-v3.1.tgz

1. scp the patch to the Junos Space VIP node's /home/admin directory   (the VIP node has eth0:0)
2. Login to the Space VIP node CLI, enter the "(Debug) run shell" mode and run the following commands on the VIP node:
3. cd /home/admin

• tar xzf 14.1R2-hotpatch-v3.1.tgz
• cd /home/admin/14.1R2-hotpatch-v3.1
• sh patchme.sh