Re: Menu disabled when using aaa authorization commands radius set

lwhitworth · ‎05-03-2016

I've got Radius authentication setup and it's working okay, but I also want to setup command authorization so I can control what commands an account is able to run. I've setup a test account in freeradius:

test Cleartext-Password := "notsecure"
        Service-Type = Administrative-User,
        HP-Command-String = "",
        HP-Command-Exception = 1

and set aaa authorization commands radius on the switch (a procurve 2610). Problem is despite the definition allowing all commands (and this works) it would appear "menu" doesn't work, I get the error "Not authorized to execute this command.".

Has anyone succesfully enabled radius command authorization and managed to retain access to the menu?

Michael Patmon · ‎05-12-2016

Menu is a special command that you have to explicitly allow in the command list because it implies the user has full access to anything the menu can do. To allow it:

test Cleartext-Password := "test"
Service-Type = 6,
HP-Command-String = "menu;.*"

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Menu disabled when using aaa authorization commands radius set

Menu disabled when using aaa authorization commands radius set

Re: Menu disabled when using aaa authorization commands radius set