Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

BIG-IP authentication for admin users. Remote Role Groups for TACACs and RADIUS

rafaelbn_176840
Altostratus
Altostratus

‎23-Feb-2018 08:39

Hello Devs!

 

How's everybody doing?!

 

I'm trying to wrap my head around remote role groups. Authenticating any BIG-IP against AD/TACACs/RADIUS/LDAP is pretty easy. You point to correct server and voialá, you can authenticate.

 

But the thing is that giving any authenticated user role administrator seems a bit risky.

 

I know there is the feature for "Remote Role Groups". I tested it with AD and it was very straight forward to setup so only users from a specific group had role Admin.

 

Is it possible to use "Remote Role Groups" with TACACs and RADIUS? What would be the attribute string?

 

0691T000006AppJQAS.jpg

 

I ask this because it would be easier to thinker with remote role groups than trying to mess with tacacs/radius softwares.

 

Thanks!

 

Labels:
0 Kudos
1 REPLY 1

Amresh008
Nimbostratus
Nimbostratus

‎28-Jul-2021 08:09

F5-LTM-User-info-1=adm

0 Kudos
Copyright © 2023 Khoros, LLC