11-27-2013 02:11 PM - edited 02-21-2020 05:03 AM
Hi everone,
I have config CSM 4.4 for Radius authentication.
From https;//CSM IP address i can log on using Radius authentication fine no issues
But when i login from my configuration manager at desktop with radius i get error message
You are not allowed to login because your user profile doesn’t have any role associated.
Please contact CSM admin for configuring proper role.
Any ideas what should i do?
Regards
MAhesh
Solved! Go to Solution.
02-19-2015 12:06 AM
Hi
I had the same problem as Mahesh. I went through the role settings several times, I even created a new role and set it to default and I still got the error message when I tried to access the CSM client using my radius account. The radius server, Windows NPS, was authenticating correctly, no problem there. I could also log into the web GUI for the server using my radius accounts.
The setting that solved it for me was found in the CSM client under Administration - Server Security. Once I ticked "Allow logon for user ids not available in Local User Database" I could log into the CSM client using my radius logins.
Regrards
Fredrik Hofgren
06-24-2014 01:56 PM
As I understand it, you must also define the users in Common Services and set their role there. Unlike (for example) ASA VPN users, who can be authenticated by RADIUS and the RADIUS server will return some attribute(s) if configured this way, CSM apparently does NOT check any such attributes returned, and so basically all you can do is use RADIUS/AD/whatever to "manage passwords." So in our case we have simply listed our NetEng users in Common Services with "XXX" role, and assigned a Default Role for users not so defined in Common Services.
02-19-2015 12:06 AM
Hi
I had the same problem as Mahesh. I went through the role settings several times, I even created a new role and set it to default and I still got the error message when I tried to access the CSM client using my radius account. The radius server, Windows NPS, was authenticating correctly, no problem there. I could also log into the web GUI for the server using my radius accounts.
The setting that solved it for me was found in the CSM client under Administration - Server Security. Once I ticked "Allow logon for user ids not available in Local User Database" I could log into the CSM client using my radius logins.
Regrards
Fredrik Hofgren
02-21-2015 08:20 AM
Hi Fredrik,
I open Tac case and for this and got it resolved.
Seems TAC did exactly as what you said.
Regards
Mahesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: