Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

SafeNet Agent for NPS

RADIUS return attributes

search

RADIUS return attributes

RADIUS return attributes

To ensure that SafeNet Authentication Service Private Cloud Edition (SAS PCE) or (STA) works with RADIUS Return Attributes, complete the following tasks:

  • Add the required SAS PCE/STA RADIUS Return Attributes.

  • Block authentication without SAS PCE/STA RADIUS Return Attributes (see [Configuring SafeNet Authentication Service Private Cloud Edition]).

Adding the RADIUS return attributes

To add the required SAS PCE/STA RADIUS Return Attributes, perform the following steps:

  1. In the STA Token Management or SAS PCE console, select Virtual Servers > Assignment > Radius Attributes (user).

    RADIUS attributes

  2. Click Add and enter the following details:

    • Vendor: Select the RADIUS Client provider.

    • Attribute: Select the required attribute. The range of available attributes varies according to the vendor.

    • Format: Select appropriate format (For example, integer, sting, date, IP, string).

    • Value: Select a value for the attribute.

      RADIUS details

  3. To restrict attributes to specific auth nodes, complete the following steps:

    1. Select Restrict To Auth Nodes.

    2. In the Auth Node box, select required Auth Nodes.

    3. Click the right arrow to move the selected Auth Nodes to the Selected Auth Nodes box.

If the RADIUS Return Attribute is configured for [ALL] auth nodes, define at least one Auth Node in the SAS PCE/STA environment. If you are setting up with a specific Auth Node, it must be defined first, and then used.

Configuring SAS PCE / STA

You can configure SAS PCE/STA to block authentication if RADIUS Return Attributes are not configured. To block RADIUS authentication without attributes, perform the following steps:

  1. In the STA Token Management or SAS PCE console, navigate to Virtual Servers > Comms.

  2. To enforce the use of SAS PCE/STA RADIUS Return Attributes, click Block RADIUS Authentication Without Attributes option (from the Task list) and click Apply.

    Block RADIUS

    Note

    If Block RADIUS Authentication Without Attributes option is selected, you must also complete the following actions, otherwise the authentication will fail:

    • Configure RADIUS Return Attributes (see Adding SAS PCE / STA).

    • In SafeNet NPS Configuration Management, NPS Settings tab, select RADIUS Return Attributes Enabled (see NPS Settings).