- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- .dct File for Radius Configuration
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2015 10:42 AM
10-14-2015 10:42 AM
.dct File for Radius Configuration
Hey all, I was wondering if HP created an official DCT file for radius server use. I am currently working with RSA SecurID Authentication Manager's built in radius server and I would like to pass back privilege levels to my HP A Series (JG237A and JG225A) after accounts are authenticated. I do have access to a 3comswitch.dct out of the box, but it appears to be old and uses an attribute that I have not found to be listed as a valid privilege attribute.
The existing .dct file has the attribute listed to be "3Com-User-Access-Level" however in both H3C and some other various internet resources I have seen the following values:
- Huawei-Exec-Privilege
- H3C-Exec-Privilege
The meat and potatoes of the .dct file looks like this:
################################################################################ # 3comswitch.dct - 3Com SuperStack II 3900 LAN Stackable Switch dictionary # (See README.DCT for more details on the format of this file) ################################################################################ # Created 01/25/01 ECA # # Use the Radius specification attributes in lieu of the 3com ones # @radius.dct # # Define additional 3Com Enterprise Network VSA parameters # (add 3Com SS3900 specific attributes below) # 3Com Vendor Id (vid)=43 ATTRIBUTE 3Com-User-Access-Level 26 [vid=43 type1=1 len1=6 data=integer] r VALUE 3Com-User-Access-Level Administrator 3 VALUE 3Com-User-Access-Level Manager-(write) 2 VALUE 3Com-User-Access-Level Monitor-(read) 1 ################################################################################ # 3comswitch.dct - 3Com SuperStack II 3900 dictionary ################################################################################
I figure the A series .dct file would look similar. Anyone have any ideas?
The basic premise of this is that I want to use radius authentication on my switches. My switches will send the local authentication request to the radius server, which will then look at Active Directory as RSA SecurID Authentication Manager integrates the two technologies inherently. Once the user is authenticated to the group, I want to send back to the switch the approval for use and the level at which the user has access in this case privilege level 3 (Full Admin).