Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jean-Christoph1
Explorer

Radius Authentication for Management

Hi Guys,

I'm trying to use freeradius together with openldap to authenticate admin & operator to access the different management console of a cluster of 5000 appliances.

On the Gaia Portal, the authentication works but the user don't receive the correct rights. The configuration is as follow:

On Gaia Potal, I created 2 Roles:

 - radius-group-AdminSecurity (Full Read/Write Access)

 - radius-group-any (Full ReadOnly Access)

In Openldap, I created a group:

ldapsearch -D "cn=Manager,dc=example,dc=com" -b "dc=example,dc=com" -ZZ -W -LLL "(cn=AdminSecurity)"
Enter LDAP Password:
dn: cn=AdminSecurity,ou=Group,dc=bcp-bank,dc=net
objectClass: posixGroup
objectClass: top
gidNumber: 4171
description: Security Administrator
cn: AdminSecurity
memberUid: my.user

In Freeradius, I created the following configuration:

 - Load dictionary.checkpoint with following configuration:

      VENDOR          CheckPoint                      2620

      BEGIN-VENDOR    CheckPoint

      ATTRIBUTE       CP-Gaia-User-Role                       229     string
      ATTRIBUTE       CP-Gaia-SuperUser-Access                230     integer

      END-VENDOR      CheckPoint

 - In users configuration file, added the following:

      DEFAULT        LDAP-Group := 'AdminSecurity'
                            CP-Gaia-User-Role = RADIUS-P1-ADMIN,
                            CP-Gaia-SuperUser-Access = 1

As I sayed earlier, the authentication works, but I'm always logged with the radius-group-any rights.

What should I change to have users belonging to AdminSecurity group to be logged with the radius-group-AdminSecurity rights ?

Thanks a lot for your support.

Jean-Christophe

1 Reply
Maarten_Sjouw
Champion
Champion

I'm pretty sure the same applies to this as was discussed in this post

Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events