Versions Compared

Old Version 16

changes.mady.by.user Pete Sclafani

Saved on

compared with

New Version 17

changes.mady.by.user Pete Sclafani

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ProVision 3.9.3 and prior: http://cloud.6connect.com/Download/Radius/3.9.3/6connect_VSA.txt

Expand
Code Block
title3.9.3 VSA text file
VENDOR          6connect               36009

BEGIN-VENDOR    6connect

ATTRIBUTE       priv_admin              10      integer
#This is used to give a user administrative access to the application

ATTRIBUTE       priv_ipam_c             20      integer
#This allows a user to create IP blocks
ATTRIBUTE       priv_ipam_d             21      integer
#This allows a user to delete IP blocks
ATTRIBUTE       priv_ipam_m             22      integer
#This allows a user to modify IP blocks
ATTRIBUTE       priv_swip               23      integer
#This allows a user to SWIP IP blocks
ATTRIBUTE       priv_email              24      integer
#This allows a user to email IP block information
ATTRIBUTE       priv_ipam_v             25      integer
#This allows a user to view IP block information

ATTRIBUTE       priv_dns_c              30      integer
#This allows a user to create DNS Zones
ATTRIBUTE       priv_dns_d              31      integer
#This allows a user to delete DNS Zones
ATTRIBUTE       priv_dns_m              32      integer
#This allows a user to modify DNS Zones
ATTRIBUTE       priv_dns_v              33      integer
#This allows a user to view DNS Zones

ATTRIBUTE       priv_cust_c             40      integer
#This allows a user to create Customer records
ATTRIBUTE       priv_cust_d             41      integer
#This allows a user to delete Customer records
ATTRIBUTE       priv_cust_m             42      integer
#This allows a user to modify Customer records
ATTRIBUTE       priv_cust_v             43      integer
#This allows a user to view Customer records

ATTRIBUTE       priv_peer_c             50      integer
#This allows a user to create peering sessions
ATTRIBUTE       priv_peer_d             51      integer
#This allows a user to delete peering sessions
ATTRIBUTE       priv_peer_m             52      integer
#This allows a user to modify peering sessions
ATTRIBUTE       priv_peer_v             53      integer
#This allows a user to view peering sessions

ATTRIBUTE       priv_logs               60      integer
#This allows a user to have access to the logs tab in the application

END-VENDOR      6connect

ProVision 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/6connect_VSA.txt

Expand
Code Block
VENDOR                  6connect                        36009

BEGIN-VENDOR    6connect

ATTRIBUTE               6connect_user_group             10              string
#A 6connect User Group to which this user belongs.

END-VENDOR      6connect

...

An example of a ProVision account configuration for the user file on a Freeradius system for version 3.9.3 and prior: http://cloud.6connect.com/Download/Radius/3.9.3/Freeradius-users-example.txt

Code Block
#A user with full IPAM prvileges and view only DNS privs

joe Cleartext-Password := "testing128"
   priv_admin = 1,
   priv_ipam_v = 1,
   priv_ipam_c = 1,
   priv_ipam_d = 1,
   priv_ipam_m = 1,
   priv_swip = 1,
   priv_email = 1,
   priv_dns_v = 1

An example of a ProVision account configuration for the user file on a Freeradius system for version 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/Freeradius-users-example.txt

Example: To add a new radius user, edit the 'users' file found at /etc/raddb/users and add a block like:

Code Block
languagepowershell
titleSetting up a RADIUS account
bobber  Cleartext-Password := "hello"
        6connect_user_group = "Global Admins,Group 2,Group 1,Group NonexistantNonexistent"
Note
titleNote on RADIUS attributes
There are many Radius attributes, but '6connect_user_group' is the one used by 6connect ProVision and it is just a comma-separated list of all the group names that the user belongs to.

...