I m facing issue on defining Huawei root user priviledged attributes on juniper SBR. I defined user 'test' and it has successfully autheticated but only with Read only access. kindly suggest.
In SBRC You use the Administrators panel to grant and revoke the right to use the SBR
Administrator to configure a Steel-Belted Radius Carrier server. Each time you log in to
a Steel-Belted Radius Carrier server, SBR Administrator prompts you to authenticate
yourself by entering a native user account and password.
When the Steel-Belted Radius Carrier software is installed by root, that account is
suggested as the default SBR Carrier Administrator account as well. That account has
the right to use the SBR Administrator at its default (full) level of access. Although a
UNIX group can be assigned Administrator privileges that extend to all group members,
there is no default group.
In SBRC the below 2 configuration files are used to set and map the adminstrative access levels:
admin.ini-Maps administrative access levels to sets of access rights. Used with access.ini to grant administrators access privileges to administrative objects and actions
access.ini File-The access.ini file maps operating system user or group account names to levels of
administrative privilege. The user account name and password used by an administrator
when interacting with the Steel-Belted Radius Carrier server is granted access privileges
according to the settings in this file.
Hope the above explanation helps you to resolve the issue.
Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks!!
If you need to change the user privileges on the Huawei device, that will depend on the Huawei vendor specific attributes to assign the user privileges.
You should use the Huawei make/model in the client configuration, this should allow SBR to send the proper attributes to assign user privileges.
If you are using a native user for the authentication you can set the Return List with the Huawei attributes. If you're using a different authentication method, you will use a profile for the Return List.