cancel
Showing results for 
Search instead for 
Did you mean: 

Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

Highlighted
Occasional Contributor

Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

Hallo,

earlier this year i tried to search for the Vendor ID in order to set up Microsoft Radius Authentication/Authorization Server.

I could't find any documentation neither in Forum and nor in the KBs. A long search led me to the following website which helped me easily setup Radius Authentication/Authorization Servers

http://cooperlees.com/blog/?p=458

Just wanted to share info.

Kind Regards

Khan

4 REPLIES 4
Highlighted
Respected Contributor

Re: Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

Thank you for sharing; that is greatly appreciated.

Highlighted
Super Contributor

Re: Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

Hi,

Thanks for the info.

I have gonethrough th elink shared and understood that we can use ADS groups can be used by MS-NPS Radius server however i would like to know, in SA role mapping rule on what what basis you are doing the rolemapping, is it using the user attribute type or username based because, your actual requirement is you wanted group looking using microsoft radius server as authentication/authorization server.

Regards,

Kannan

Highlighted
Occasional Contributor

Re: Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

Hi Kannan,

I guess you are talking about the other thread:

https://forums.pulsesecure.net/topic/pulse-connect-secure/135441-role-mapping-based-on-active-direct...

Yes you are right, Radius Authentication is based on AD Group but once this method is used, so far I couldn't find a way to map roles based on AD Groups.

Apparently this is possible only with LDAP or AD Authentication. At Present, since we have few users, we are doing it by username. We intend to Implement RSA token Server later in May and maybe then we switch to AD or LDAP Authentication. Untill then I will be looking for a solution to the problem posted in the above thread.

Kind Regards

Khan

Highlighted
Respected Contributor

Re: Setting up Microsoft Radius Authentication/Authorization Servers - Junos Vendor ID

correct, AD group membership cannot be used through radius.