...
ProVision 3.9.3 and prior: http://cloud.6connect.com/Download/Radius/3.9.3/6connect_VSA.txt
Expand |
---|
Code Block |
---|
| VENDOR 6connect 36009
BEGIN-VENDOR 6connect
ATTRIBUTE priv_admin 10 integer
#This is used to give a user administrative access to the application
ATTRIBUTE priv_ipam_c 20 integer
#This allows a user to create IP blocks
ATTRIBUTE priv_ipam_d 21 integer
#This allows a user to delete IP blocks
ATTRIBUTE priv_ipam_m 22 integer
#This allows a user to modify IP blocks
ATTRIBUTE priv_swip 23 integer
#This allows a user to SWIP IP blocks
ATTRIBUTE priv_email 24 integer
#This allows a user to email IP block information
ATTRIBUTE priv_ipam_v 25 integer
#This allows a user to view IP block information
ATTRIBUTE priv_dns_c 30 integer
#This allows a user to create DNS Zones
ATTRIBUTE priv_dns_d 31 integer
#This allows a user to delete DNS Zones
ATTRIBUTE priv_dns_m 32 integer
#This allows a user to modify DNS Zones
ATTRIBUTE priv_dns_v 33 integer
#This allows a user to view DNS Zones
ATTRIBUTE priv_cust_c 40 integer
#This allows a user to create Customer records
ATTRIBUTE priv_cust_d 41 integer
#This allows a user to delete Customer records
ATTRIBUTE priv_cust_m 42 integer
#This allows a user to modify Customer records
ATTRIBUTE priv_cust_v 43 integer
#This allows a user to view Customer records
ATTRIBUTE priv_peer_c 50 integer
#This allows a user to create peering sessions
ATTRIBUTE priv_peer_d 51 integer
#This allows a user to delete peering sessions
ATTRIBUTE priv_peer_m 52 integer
#This allows a user to modify peering sessions
ATTRIBUTE priv_peer_v 53 integer
#This allows a user to view peering sessions
ATTRIBUTE priv_logs 60 integer
#This allows a user to have access to the logs tab in the application
END-VENDOR 6connect |
|
ProVision 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/6connect_VSA.txt
Expand |
---|
Code Block |
---|
VENDOR 6connect 36009
BEGIN-VENDOR 6connect
ATTRIBUTE 6connect_user_group 10 string
#A 6connect User Group to which this user belongs.
END-VENDOR 6connect |
|
...
An example of a ProVision account configuration for the user file on a Freeradius system for version 3.9.3 and prior: http://cloud.6connect.com/Download/Radius/3.9.3/Freeradius-users-example.txt
Code Block |
---|
#A user with full IPAM prvileges and view only DNS privs
joe Cleartext-Password := "testing128"
priv_admin = 1,
priv_ipam_v = 1,
priv_ipam_c = 1,
priv_ipam_d = 1,
priv_ipam_m = 1,
priv_swip = 1,
priv_email = 1,
priv_dns_v = 1 |
An example of a ProVision account configuration for the user file on a Freeradius system for version 4.0 and greater: http://cloud.6connect.com/Download/Radius/4.0/Freeradius-users-example.txt
Example: To add a new radius user, edit the 'users' file found at /etc/raddb/users and add a block like:
Code Block |
---|
language | powershell |
---|
title | Setting up a RADIUS account |
---|
|
bobber Cleartext-Password := "hello"
6connect_user_group = "Global Admins,Group 2,Group 1,Group NonexistantNonexistent" |
Note |
---|
title | Note on RADIUS attributes |
---|
|
There are many Radius attributes, but '6connect_user_group' is the one used by 6connect ProVision and it is just a comma-separated list of all the group names that the user belongs to. |
...