Black Box LES110BA, LES1116A, LES1132A, LES114BA, LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2, LES1308A, LES1316A, LES1332A, LES1348A, LES1408A, LES1416A, LES1432A, LES144BA, Value-Line and Advanced Console Servers 9.1.7 Remote groups with RADIUS authentication , 9.1.8 Remote groups with LDAP authentication

 Select Serial & Network: Authentication

 Select the relev ant Aut hentication Method

 Check the Use Remote Groups button

9.1.7 Remote groups with RADIUS authentication

 Enter the RADIUS Authentication and Authorization S erver Address and Server P assword

 Click Apply.

 Edit the Radius user’s file to include gr oup information and restart the Radius server

When using RADIUS authenticatio n, group names are provi ded to the console server using the

Framed-Filter-Id attribute. Thi s is a standard RADIUS attribute, and may be used by other devices

that authenticate via RADIUS.

To interoperat e with other devices using this field, the group nam es can be added to t he end of any

existing content i n t he at tribute, in the followin g f orm at :

:group_name=testgroup1,users:

The above example sets the remote user as a member of testgroup1 and users if groups with those

names exist on the console server. Any groups which do not exist on the console server are ignored.

When setting the Framed-Filter-Id, the sy st em m ay also remove the leading colon for an empty field.

To work around this, add some dummy text to the start of the st ring. For example:

dummy:group_name=testgroup1,users:

 If no group is specifi ed for a user, for example A m andaJones, then the user will have no Use r

Interface and serial port access but limi ted console access

 Default groups avai l able on the console serve r include ‘admin’ for administrator access and

‘users’ for general user access

TomFraser

AmandaJones

FredWhite

JanetLong

Cleartext-Passw ord := ”FraTom70”

Framed-Filter-Id=”:group_name=admin:”

Cleartext-Passw ord := ”JonAma83”

Cleartext-Passw ord := ”WhiFre62”

Framed-Filter-Id=”:group_name=testgroup1,users:”

Cleartext-Passw ord := ”LonJan57”

Framed-Filter-Id=”:group_name=admin:”

 Additional local groups such as testgroup1 can be added via Users & Groups: S er ial &

Network

Unlike RADIUS, LDAP has built in support f or group provisioning, which makes setting up remote groups

easier. The consol e server will retrieve a list of all the remote groups that the user is a direct member of,

and compare their names with local groups o n t he console server.

Note: Any spaces in the group name will be conv erted to underscores.

_____________________________________________________________________

724-746-5500 | blackbox.com Page 172