The RADIUS attribute called "Juniper-Junosspace-Profile" does not appear in the drop-down Attribute selection
2 years ago
Article Number
000072043
Applies To
RSA Product Set: RSA SecurID 
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.7 Service Pack 2
Issue
Integrating JunoSpace with Authentication Manager where there is a requirement to return RADIUS attributes in the RADIUS authentication response.
The RADIUS attribute called "Juniper-Junosspace-Profile" does not appear in the drop-down attribute selection when creating a RADIUS profile.
Cause
The Juniper RADIUS dictionary file is misconfigured for the RADIUS attribute "Juniper-Junosspace-Profile".
Resolution
RSA will look to address the issue with the Juniper RADIUS dictionary in a future release of an Authentication Manager Service Pack or Patch. In the meantime, follow the steps below to manually update the Juniper RADIUS dictionary in Authentication Manager. These steps must be performed on the primary and each replica instance in the Authentication Manager deployment.

1/ Logon to the Operations Console 

2/ Navigate to Deployment Configuration > RADIUS Servers > enter Super Admin credentials when prompted > left-click a Server Name > select Manager Sever Files > click the Dictionary Files tab

Locate the dictionary called “dictionary.juniper” and left-click the File Name > select Edit > scroll down the dictionary file to the line “ATTRIBUTE          Juniper-Junosspace-Profile                   11           String"

3/ Change “String” to be “string” (all lowercase) in the line where the result will be “ATTRIBUTE                Juniper-Junosspace-Profile                   11           string"

For example, where the correction has been made:

4/ Click Save & Restart RADIUS Server 
NOTE: this will have an impact on the RSA RADIUS server as the restart will likely take 2-3 minutes.

5/ After the restart of the RSA RADIUS server the administrator will see this message on the screen:

6/ Logout of the Security Console if an administrator is already logged in. Login to the Security Console with a new session.

Where a RADIUS client already exists with a Make / Model of “Juniper” then add a new RADIUS profile.

For example:

 The procedure to add a RADIUS profile can be found at URL https://community.rsa.com/s/article/Add-a-RADIUS-Profile-60341e37

The “Juniper-Junosspace-Profile” RADIUS attribute is now showing in the drop-down attribute list, as shown below:




 

Related Articles

Trending Articles

Don't see what you're looking for?