|
|
|
The following is a sample user file. Each RADIUS vendor may have a different method for configuring user files. In this sample, text values are defined that represent the actual values used by the Avaya switch using the directives ATTRIBUTE and VALUE.
Two user accounts are shown: a use account that is not assigned to a group and a user account that is assigned to a group. The first account is Bob with password BooBoo. Bob is allowed to log in only to the NAD at 199.87.201.2. Bob is also granted administrative privileges.
The second account is Ann with password Pokey. The NAD she logs in to must be configured to use group AvayaSwitches. She is granted read-only permission to the CLI (either Telnet or serial cable to the supervisor console port).
# define the Avaya Vendor Specific Attributes
# Note: NAS-IP-Address is a Standard RADIUS Attribute
# define the Avaya-Service-Types
VALUE Avaya-Service-Type Avaya-Administrative 3
VALUE Avaya-Service-Type Avaya-Read-Write 2
VALUE Avaya-Service-Type Avaya-Read-Only 1
# define the Avaya Management Types
VALUE Avaya-Mgt-Type Avaya-Mgt-All 1
VALUE Avaya-Mgt-Type Avaya-Console-CLI 2
VALUE Avaya-Mgt-Type Avaya-Remote-CLI 3
VALUE Avaya-Mgt-Type Avaya-Web 4
Bob Password = "BooBoo", NAS-IP-Address = "199.87.201.2"
Ann Password = "Pokey", Avaya-Group = "AvayaSwitches"
Avaya-Service-Type = Avaya-Read-Only
Avaya-Management-Type = Avaya-Local-CLI
Avaya-Management-Type = Avaya-Remote-CLI
|
|
|