This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RichLeBlanc
New Contributor
New Contributor
ā€Ž2019-01-03 09:45 AM

Help on RADIUS profiles

Jump to solution

Hello All!

I am trying to archive the goal:

When a user with HelpDesk rights access a Cisco switch he is authorization on privilege level 7 when a user from Admin groups access the same switch he is authorization on privilege level 15.

What I have done so far:

I have created 2 Radius Profile on RSA

one is helpdesk with
Return List Attributes: Cisco-AVPAIR - shell:priv-lvl=7

the other one is the admin group with

Return List Attributes: Cisco-AVPAIR - shell:priv-lvl=15

 

I am trying to assign both these on the same Authentication Agent but the Agent is keeping only one of them, what I am doing wrong?

 

 

 

 

 

0 Likes
Reply
1 Solution

Accepted Solutions
EdwardDavis
Employee
Employee
ā€Ž2019-01-03 12:26 PM

Jump to solution

One idea....

 

Assign the one 'most people' will use, to the agent.

Assign the one admins will use, to the admins themselves,

 

and set the system to use the user profile when both agent and user have a profile.

 

This way the admins profile will override the agent one.

 

Security Console, setup, system settings, radius.

pastedImage_1.png

 

 

 

Or, just assign profiles to users only.

View solution in original post

Reply
3 Replies
_EricaChalfin
Employee (Retired) Employee (Retired)
Employee (Retired)
ā€Ž2019-01-03 10:32 AM

Jump to solution

FRED MANGINIā€Œ,

I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="spaceā€Œ page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

 

 

Regards,

Erica

0 Likes
Reply
EdwardDavis
Employee
Employee
ā€Ž2019-01-03 12:26 PM

Jump to solution

One idea....

 

Assign the one 'most people' will use, to the agent.

Assign the one admins will use, to the admins themselves,

 

and set the system to use the user profile when both agent and user have a profile.

 

This way the admins profile will override the agent one.

 

Security Console, setup, system settings, radius.

pastedImage_1.png

 

 

 

Or, just assign profiles to users only.

Reply
RichLeBlanc
New Contributor
New Contributor
In response to EdwardDavis
ā€Ž2019-01-03 03:25 PM

Jump to solution

Thank you, Edward,

your idea worked for me.

Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.