...
Starting in 3.0, ProVision supports 6connect vendor-specific attributes (VSAs) for use with RADIUS authentication. To use these attributes, you must perform the following three procedures:
- Add the 6connect VSA to the Radius installation
- Configure Radius accounts
- Test the Radius account
- Configure ProVision for Radius Authentication
...
Important Note: Between version 3.9.3 and 4.0, the permissions structure for ProVision was signifigantly significantly changed. Make sure you following the version specific instructions below.
...
ProVision 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/6connect_VSA.txt
| Note |
|---|
| Make sure to add the following to the primary dictionary file: $INCLUDE dictionary.6connect |
Configure Radius Accounts
...
An example of a ProVision account configuration for the user file on a Freeradius system for version 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/Freeradius-users-example.txt
Example: To add a new radius user, edit the 'users' file found at /etc/raddb/users and add a block like:
| Code Block | ||||
|---|---|---|---|---|
| ||||
bobber Cleartext-Password := "hello"
6connect_user_group = "Global Admins,Group 2,Group 1,Group Nonexistant" |
| Note | ||
|---|---|---|
| ||
| There are many Radius attributes, but '6connect_user_group' is the one used by 6connect ProVision and it is just a comma-separated list of all the group names that the user belongs to. |
Test Radius Accounts
For 3.9.3 and prior, test and response should look like the following:
...