AnsweredAssumed Answered

RSA Profile Map To AD Group

Question asked by Theodore Chandler on Oct 8, 2018
Latest reply on Oct 22, 2018 by Theodore Chandler

We are looking at integrating an RSA Authentication Manager appliance with a SEL-3620 Ethernet Security Gateway. The SEL device documentation (sign in required) references integration with RSA Authentication Manager version 7.1.


The documentation has us create a dictionary with custom attributes which will be passed back on successful user authentication. These values determine the users privileges on the SEL device. The documentation has us create a RADIUS profile on the RSA Authentication Manager for each possible set of attribute values. For example the user is a "Technician" in the group "read-only" Not mentioned in the documentation is a method to map a RADIUS profile to an AD group.


Two part question:

1.) Is there a way to automatically map users in a certain group to a specific RADIUS profile?

2.) Is there a better way to return custom attributes (which are mapped to AD groups) back to the SEL device upon successful authentication?