Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

Server 2012 NPS with Comware 5 /7 AD authentication

 
WayneWIlson
Frequent Visitor

Server 2012 NPS with Comware 5 /7 AD authentication

Hi,

I want to be able to login to all switches wiht domain credentials and when users are created in AD they will be able to login to the HP switches with either read only acces or manager access. I have Radius setup on server 2012 NPS and I have a HP 5130 R3106.

Attached is the NPS config

Configs from HP Switch:

#
line class aux
 user-role network-admin
#
line class vty
 authentication-mode scheme
 user-role network-admin
 user-role network-operator

#

radius scheme mrc
 primary authentication 10.5.15.114
 key authentication cipher $c$3$9CDAVtV4raGniCCp4rQN3qluzllgvWo=
 timer quiet 1
 timer response-timeout 5
 user-name-format keep-original
 nas-ip 10.7.253.5

#

domain mrc
 authorization-attribute idle-cut 5 10240
 authentication login radius-scheme mrc local
 authorization login radius-scheme mrc local

#

 domain default enable mrc

 

1 REPLY
WayneWIlson
Frequent Visitor

Re: Server 2012 NPS with Comware 5 /7 AD authentication

Unable load jpg, png of the NPS setup.

Connection request policy:

Conditions : NAS Identifier - value test-?

Network Policies

Condition

User (Group domain\domain admins) : service-type Login

Constraints

authentication ticke MS-CHAPv2 / MS-CHAP / PAP,SPAP

Settings:

Framed-Protocol : PPP

Service-Type: Administrative

Vendor Specific : Cisco-AV-Pair / Vendor Cisco / Value shell:roles="network-admin"

I ran Wireshark and Radius Access-request and access-accept.

on the CLI I get Login Failed. NPS logs "Network Policy Server granted access to a user"