Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1793
Views
5
Helpful
3
Replies

Unable to login to CSM Config Manager using Radius Authentication

Go to solution
mahesh18
Level 6
Level 6

‎11-27-2013 02:11 PM - edited ‎02-21-2020 05:03 AM

Hi everone,

I have config CSM 4.4  for Radius authentication.

From https;//CSM  IP address  i can log on using Radius authentication fine no issues

But when i login from my configuration manager at desktop with radius i get error message

You are not allowed to login because your user profile doesn’t have any role associated.

Please contact CSM admin for configuring proper role.

Any ideas what should i do?

Regards

MAhesh

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hoffa2000
Level 3
Level 3
In response to PAUL TRIVINO

‎02-19-2015 12:06 AM

Hi

I had the same problem as Mahesh. I went through the role settings several times, I even created a new role and set it to default and I still got the error message when I tried to access the CSM client using my radius account. The radius server, Windows NPS, was authenticating correctly, no problem there. I could also log into the web GUI for the server using my radius accounts.

 

The setting that solved it for me was found in the CSM client under Administration - Server Security. Once I ticked "Allow logon for user ids not available in Local User Database" I could log into the CSM client using my radius logins.

 

Regrards

Fredrik Hofgren

View solution in original post

3 Replies 3

Go to solution
PAUL TRIVINO
Level 3
Level 3

‎06-24-2014 01:56 PM

As I understand it, you must also define the users in Common Services and set their role there.  Unlike (for example) ASA VPN users, who can be authenticated by RADIUS and the RADIUS server will return some attribute(s) if configured this way, CSM apparently does NOT check any such attributes returned, and so basically all you can do is use RADIUS/AD/whatever to "manage passwords."  So in our case we have simply listed our NetEng users in Common Services with "XXX" role, and assigned a Default Role for users not so defined in Common Services.

0 Helpful

Go to solution
hoffa2000
Level 3
Level 3
In response to PAUL TRIVINO

‎02-19-2015 12:06 AM

Hi

I had the same problem as Mahesh. I went through the role settings several times, I even created a new role and set it to default and I still got the error message when I tried to access the CSM client using my radius account. The radius server, Windows NPS, was authenticating correctly, no problem there. I could also log into the web GUI for the server using my radius accounts.

 

The setting that solved it for me was found in the CSM client under Administration - Server Security. Once I ticked "Allow logon for user ids not available in Local User Database" I could log into the CSM client using my radius logins.

 

Regrards

Fredrik Hofgren

Go to solution
mahesh18
Level 6
Level 6
In response to hoffa2000

‎02-21-2015 08:20 AM

 

Hi Fredrik,

I open Tac case and for this and got it resolved.

Seems TAC did exactly as what you said.

 

Regards

Mahesh

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card