cancel
Showing results for 
Search instead for 
Did you mean: 

Role assignment via Radius AAA Accounting

aaron_becker_75
New Contributor
Is it possible to use a radius attribute on a Windows NPS to assign a role to a user authenticating via Radius on a ZD controller? I can find group attributes, but not a role assignment. Trying to authenticate admins via Radius. 

FYI: Googled for hours, searched here, either end up getting 404 errors on their website, or 403s if I'm not logged into an account.
2 REPLIES 2

diego_garcia_de
Contributor III
Yes. Definitively possible. You might need to import the attribute or dictionary onto nps but the attribute you want is called "Ruckus-User-Groups". You can find some more details here. https://support.ruckuswireless.com/do...

Googling for that specific term should lead you in the right direction.

If you don't have a support account you can get the radius dictionary here
https://github.com/wireshark/wireshar...

But from what I understand you have to load the dictionary manually (meaning add the attributes by hand if they are not there).

If using zone director I believe that's it. Just return the name of the role you defined in ZD and it should take. In smartzone I believe you have to create a mapping between the string received in radius and the actual role you want to use. In ZD it's a one to one mapping if I'm not mistaken.

Good luck!

diego_garcia_de
Contributor III
Not sure this link works for you. But seems directly what you need. https://support.ruckuswireless.com/ar...