Aruba & ProVision-based
Showing results for 
Search instead for 
Did you mean: 

Server 2012 NPS with Comware 5 /7 AD authentication

Frequent Visitor

Server 2012 NPS with Comware 5 /7 AD authentication


I want to be able to login to all switches wiht domain credentials and when users are created in AD they will be able to login to the HP switches with either read only acces or manager access. I have Radius setup on server 2012 NPS and I have a HP 5130 R3106.

Attached is the NPS config

Configs from HP Switch:

line class aux
 user-role network-admin
line class vty
 authentication-mode scheme
 user-role network-admin
 user-role network-operator


radius scheme mrc
 primary authentication
 key authentication cipher $c$3$9CDAVtV4raGniCCp4rQN3qluzllgvWo=
 timer quiet 1
 timer response-timeout 5
 user-name-format keep-original


domain mrc
 authorization-attribute idle-cut 5 10240
 authentication login radius-scheme mrc local
 authorization login radius-scheme mrc local


 domain default enable mrc


Frequent Visitor

Re: Server 2012 NPS with Comware 5 /7 AD authentication

Unable load jpg, png of the NPS setup.

Connection request policy:

Conditions : NAS Identifier - value test-?

Network Policies


User (Group domain\domain admins) : service-type Login


authentication ticke MS-CHAPv2 / MS-CHAP / PAP,SPAP


Framed-Protocol : PPP

Service-Type: Administrative

Vendor Specific : Cisco-AV-Pair / Vendor Cisco / Value shell:roles="network-admin"

I ran Wireshark and Radius Access-request and access-accept.

on the CLI I get Login Failed. NPS logs "Network Policy Server granted access to a user"