BIG-IP authentication for admin users. Remote Role Groups for TACACs and RADIUS

Question

Hello Devs!&nbsp;
How's everybody doing?!&nbsp;
I'm trying to wrap my head around remote role groups. Authenticating any BIG-IP against AD/TACACs/RADIUS/LDAP is pretty easy. You point to correct server and voialá, you can authenticate.&nbsp;
But the thing is that giving any authenticated user role administrator seems a bit risky.&nbsp;
I know there is the feature for "Remote Role Groups". I tested it with AD and it was very straight forward to setup so only users from a specific group had role Admin.&nbsp;
Is it possible to use "Remote Role Groups" with TACACs and RADIUS? What would be the attribute string?&nbsp;
&nbsp;
I ask this because it would be easier to thinker with remote role groups than trying to mess with tacacs/radius softwares.&nbsp;
Thanks!&nbsp;

amresh008 · Answer

F5-LTM-User-info-1=adm

Forum Discussion

BIG-IP authentication for admin users. Remote Role Groups for TACACs and RADIUS

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

Help F5 Transform the BIG-IP Administrator Certification

BIG-IP Next: iRules pool routing

BIG-IP Telemetry Streaming to Azure

BIG-IP Next Automation: AS3 Basics

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS