Filter
Top Products
82 DOMINION KX II USER GUIDE
Returning User Group Information via RADIUS
When a RADIUS authentication attempt succeeds, the Dominion KX II device determines the
permissions for a given user based on the permissions of the user’s group.
Your remote RADIUS server can provide these user group names by returning an attribute,
implemented as a RADIUS FILTER-ID. The FILTER-ID should be formatted as follows:
Raritan:G{GROUP_NAME}
where GROUP_NAME is a string, denoting the name of the group to which the user belongs.
RADIUS Communication Exchange Specifications
The Dominion KX II unit sends the following RADIUS attributes to your RADIUS server:
ATTRIBUTE DATA
LOGIN
Access-Request (1)
NAS-Port-Type (61) VIRTUAL (5) for network connections.
NAS-IP-Address (4) The IP Address for the Dominion KX II unit.
User-Name (1) The user name entered at the login screen.
Acct-Session-ID (44) Session ID for accounting.
User-Password(2): The encrypted password.
Accounting-Request(4)
Acct-Status (40) Start(1) – Starts the accounting.
NAS-Port-Type (61) VIRTUAL (5) for network connections.
NAS-Port (5) Always 0.
NAS-IP-Address (4) The IP Address for the Dominion KX II unit.
User-Name (1) The user name entered at the login screen.
Acct-Session-ID (44) Session ID for accounting.
LOGOUT
Accounting-Request(4)
Acct-Status (40) Stop(2) – Stops the accounting
NAS-Port-Type (61) VIRTUAL (5) for network connections.
NAS-Port (5) Always 0.
NAS-IP-Address (4) The IP Address for the Dominion KX II unit.
User-Name (1) The user name entered at the login screen.
Acct-Session-ID (44) Session ID for accounting.