Add a RADIUS Attribute Definition to a Dictionary

Adding a RADIUS attribute definition to a dictionary file allows you to create custom RADIUS user attributes that you can assign to users authenticating through RADIUS clients. On each RSA RADIUS server, you must add the attribute to the dictionary file of any RADIUS client type that uses the custom attribute. You must also modify the dictionary on the RADIUS client devices to include the new attribute.

Before you begin

  • You must be a Super Admin to perform this task.

  • Verify that the attribute does not conflict with an existing attribute in the dictionary. If the dictionary contains an attribute that uses the same name or number that you want to add, comment out the conflicting attribute.

Procedure

  1. Log on to the Operations Console on the RSA Authentication Manager primary instance.

  2. Click Deployment Configuration > RADIUS Servers.

  3. Select the RADIUS server, and select Manage Server Files from the context menu.

  4. Click the Dictionary Files tab to see the RADIUS dictionary files.

  5. Find the dictionary file that you want to edit.

  6. Select Edit from the context menu.

  7. Add the following line to the dictionary file:

    ATTRIBUTE Name Number Type

    where

    • Name is the name of the attribute

    • Number is the number of the attribute, which must be between 64-255

    • Type is the data type of the attribute, for example string

    RADIUS logs all attributes and attribute values. To prevent an attribute and its value from being logged, enter the secret tag at the end of the attribute string. For example:

    ATTRIBUTE Tunnel-Password 23 string secret

    Note: Verify that the attribute does not conflict with an existing attribute in the dictionary. If the dictionary contains an attribute that uses the same name or number that you want to add, comment out the conflicting attribute.

  8. Click Save & Restart RADIUS Server after editing all necessary dictionaries for the changes to take effect.

  9. On the primary instance, repeat this procedure for each RADIUS server in the deployment.

After you finish

Add a custom RADIUS user attribute definition. For instructions, see Add a Custom RADIUS User Attribute Definition.

Related Tasks

Add a RADIUS Dictionary

Modify a RADIUS Attribute Definition in a Dictionary

Add a Custom RADIUS User Attribute Definition