Hello David, Thanks for the syntax. Sadly this still does not work. The free radius server will authenticate me as a user but the 5K wants me as an operator and not admin.
If you have the 5K working, could I be cheeky and ask if you could mail me the radius config on your 5K thanks Rgds Darren Shaw The Network Team Computing Services University of Huddersfield Queensgate Huddersfield HD1 3DH TEL: 01484 471317 MOBILE: 07792 773807 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Mitchell Sent: 04 May 2011 15:14 To: FreeRadius users mailing list Subject: Re: Nexus Configurations On May 4, 2011, at 4:48 AM, Darren Shaw wrote: > Good Morning > > I am new to this forum and to the workings of FreeRadius and I have a query > around the Cisco Nexus family. > > Currently we have all our switches and routers authentication to FreeRadius > and all seems to be working. The problem comes when I want to authenticate my > Nexus 7K and 5K's. The 7Ks and 5Ks will authenticated me but the Nexus puts > me in an operator role and not in an administrator's role. > > According to Cisco I have to place the following into > > /usr/local/etc/raddb/sites-available/default > > Cisco-AVPair = "shell:roles=\"network-operator vdc-admin\"" > Cisco-AVPair = "shell:roles*\"network-operator vdc-admin\"" > Cisco-AVPair = "shell:roles=\"network-admin vdc-admin\"" > Cisco-AVPair = "shell:roles*\"network-admin\"" This is what I'm adding to the replies for Nexus 5K's. I don't have any 7K's but I'd be surprised if they were any different. I have not tried to send two roles so I can't confirm the syntax for that. Cisco-AVPair += "shell:roles=network-admin", Service-Type := Administrative-User, -David Mitchell > > > The current service type is = Administrative -User > > I have tried each AVPair and nothing works. Has anyone else had this issue? > > If anyone has any advice I would be really grateful. > > Thanks > > > > Rgds > Darren Shaw > The Network Team > Computing Services > University of Huddersfield > Queensgate > Huddersfield > HD1 3DH > > TEL: 01484 471317 > MOBILE: 07792 773807 > > > > ________________________________ > > --- > This transmission is confidential and may be legally privileged. If you > receive it in error, please notify us immediately by e-mail and remove it > from your system. If the content of this e-mail does not relate to the > business of the University of Huddersfield, then we do not endorse it and > will accept no liability. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ----------------------------------------------------------------- | David Mitchell ([email protected]) Network Engineer IV | | Tel: (303) 497-1845 National Center for | | FAX: (303) 497-1818 Atmospheric Research | ----------------------------------------------------------------- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --- This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
