142
Advanced Operations
-48 VDC Remote Power Manager
Installation and Operations Manual
Vendor-Specific Attributes (VSA):
Server Technology has defined and formatted RADIUS vendor-specific attributes (VSA) in the
dictionary.sti
file,
which is available from Server Technology. The CDU is configured to recognize and use the configuration values in
the file as specified by the network administrator, indicating to the RADIUS server that the defined attributes are based
on Server Technology’s unique enterprise vendor code.
Using the format of the
dictionary.sti
file (located on the Server Technology FTP site at
), the CDU
RADIUS implementation supports the following vendor-specific attributes:
Vendor-Specific Attribute (VSA) Descriptions
Attribute
Description
STI-Access-Level
Indicates user access level for the CDU; values are 1-6 as follows; a valid access level is required or
access to the CDU is denied.
Valid Access Levels:
1 = Admin
2 = Power User
3 = User
4 = Reboot Only
5 = On Only
6 = View Only
STI-Env-Mon
Determines user access rights to environmental monitoring; values are Yes or No. For the STI-Access-
Level value other than 1 (Admn), if STI-Env-Mon is not included for a user, default is no.
STI-Outlets
Specifies user access rights to outlets; values are space-delimited strings of absolute IDs, names, or
the specia
l keyword “ALL”. String values are case-sensitive and limited to 253 characters. This
attribute can be repeated to append strings that declare additional access rights. For STI-Access Level
values other than 1 (Admn) and 2 (Power User), if STI-Outlets is not included for a user, the default is
no outlet.
STI-Groups
Specifies user access rights to groups of outlets; values are space-delimited strings of absolute IDs,
names, or the special keyword “ALL”. String values are case-sensitive and limited to 253 characters.
This attribute can be repeated to append strings that declare additional access rights. For STI-Access
Level values other than 1 (Admn) and 2 (Power User), if STI-Groups is not included for a user, the
default is no group.
STI-Ports
Specifies user access rights to ports; values are space-delimited strings of absolute IDs, names, or the
special keyword “ALL”. String values are case-sensitive and limited to 253 characters. This attribute
can be repeated to append strings that declare additional access rights. For STI-Access Level values
other than 1 (Admn) and 2 (Power User), if STI-Ports is not included for a user, the default is no ports.
NOTE:
User access levels must be configured using the
dictionary.sti
file. If the administrator does not use the
dictionary.sti
file to
configure a user, the user will not have access rights to the CDU.
Examples:
Administrator with full access and configuration rights:
sti-admin Auth-Type := Local, User-Password == "admin"
STI-Access-Level = Admin
Power user with environmental monitoring allowed and full outlet/group/port access rights:
sti-power Auth-Type := Local, User-Password == "power"
STI-Access-Level = Power-User,
STI-Env-Mon = Yes
User with environmental monitoring not allowed and specific outlet/group/port access rights:
sti-user Auth-Type := Local, User-Password == "user"
STI-Access-Level = User,
STI-Env-Mon = No,
STI-Outlets = ".A1 .A2 Rtr1 Rtr2 Srvr1 Srvr2",
STI-O= ".A3 .A4 Rtr3 Rtr4 Srvr3 Srvr4",
STI-Groups = "Routers Servers",
STI-Ports = "Console"
View-only user with environmental monitoring allowed and all outlet and group access rights:
sti-view Auth-Type := Local, User-Password == "view"
STI-Access-Level = View-Only,
STI-Env-Mon = Yes,
STI-Outlets = "ALL",
STI-Outlets = “ALL”