SSL VPN
Reply
Visitor
S Mazhar
Posts: 8
Registered: ‎01-09-2012
0

Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Server

Hallo,

 

Platform Details:

Radius Authentication/Authorization Server

Junos Secure Access
System Version 7.1R5 (build 19757)

 

Problem: Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Server

 

I am aware that this can be done using LDAP or AD Atuhentication.

I am looking for a solution which could help me do it in conjunction with Radius Authentication/Authorization Server.

Is it doable?

Any alternatives or workarounds except changing the Authentication/Authorization Server Type?

 

I thank you in advance for any help.

 

Kind Regards

Khan

Trusted Expert
kalagesan
Posts: 377
Registered: ‎08-09-2011
0

Re: Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Serv

Hi Khan,

 

I understand that you are using radius server as authentication/ authorization and you want to dod rolemapping based on groups without AD/LDAP  as authentication /authorization server.

 

As far as I know this is not possible however let me check in my lab and confirm you

 

Regards,

Kannan

Moderator
zanyterp
Posts: 2,300
Registered: ‎11-19-2007
0

Re: Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Serv

No, it cannot be done; the only servers that provide groups for authorization are LDAP and AD/NT. However, if your class attribute is different, you can use that as a group-like option.

Visitor
S Mazhar
Posts: 8
Registered: ‎01-09-2012
0

Re: Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Serv

Hallo and Thank you kalagesan and zanyterp for the feedback,

 

> if your class attribute is different, you can use that as a group-like option.

 

Can you please eloborate a little. As you can guess I am a newbie in this area.

 

Kind Regards

Khan

Moderator
zanyterp
Posts: 2,300
Registered: ‎11-19-2007
0

Re: Role Mapping based on Active Directory User Group using Radius Authentication/Authorization Serv

if your radius server has class attributes, you should be able to do role mapping based on that

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.