[RADIATOR] HP Virtual Connect attributes

Heikki Vatiainen hvn at open.com.au
Tue Dec 27 15:38:00 CST 2011 

On 12/27/2011 02:10 PM, Jacob Rohlff wrote:

> We are trying to get Radiator (radius) to work with HP Virtual Connect
> Manager (VCM) and having some difficulties getting read/write access.
> Currently we are sending the following attributes:
> HP-Privilege-Level = 0, HP-Command-String = "*",
> HP-Command-Exception-Flag = 0, HP-VC-Groups = "HPVC-Admin"
> The HPVC-Admin group is created in the VCM with access to all levels
> (Domain, Network, Server, Storage)
> 
> We do however get a warning, in the Radiator logfile, that the
> "HP-VC-Groups" attribute doesn't exist, since it is not in the dictionary.
> Would it be possible to just add the vendorattr to the dictionary file,
> something like:
> VENDORATTR      11      HP-VC-Groups              <attr#>      string
> Is it important to get the attribute number/id correct or can one pick
> and choose?

You need to have the correct attribute number. The names are just for us
humans and what matters to software is the number.

> We are currently waiting for HP support to get back to us on what
> attributes are needed.

When they get back, please ask for the attribute number. I did a google
search, but found only one reference to HP-VC-Groups which did not have
the attribute number.

So once you get the attribute number, please let us know what it is so
we can add it to Radiator dictionary.

> Have any of you guys successfully gotten radius to work with these types
> of HP devices?

I have no experience with these HP devices, but I'm quite sure once you
get the attribute number figured out, it will work if the values and
syntax for other RADIUS attributes are known.

BTW, the document I found mentioned support for TACACS+ too. That might
also be one option if there's a problem with RADIUS authentication
and/or TACACS+ provides more features, such as command logging, that you
need.

Thanks!
Heikki


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

More information about the radiator mailing list