Read-only Radius Authentication
Posted: Mon Oct 24, 2022 3:54 am
I have reviewed all posts on these forums regarding radius authentication.
We have several netonix switches and would like the option for our tech support team to login to the switches with read-only permissions. This is simply needed for investigating or troubleshooting purposes. When changes need to be made it should be escalated instead of directly implemented by the tech support team.
Reasoning for this is to avoid costly mistakes damaging equipment / switch or cause network downtime due to incorrect config.
Do you have this on the roadmap for implementation? I.e. distinguishing between full admin accounts and read-only accounts on radius login / authentication?
Many thx
We have several netonix switches and would like the option for our tech support team to login to the switches with read-only permissions. This is simply needed for investigating or troubleshooting purposes. When changes need to be made it should be escalated instead of directly implemented by the tech support team.
Reasoning for this is to avoid costly mistakes damaging equipment / switch or cause network downtime due to incorrect config.
Do you have this on the roadmap for implementation? I.e. distinguishing between full admin accounts and read-only accounts on radius login / authentication?
Many thx
Definitely would be a useful improvement following the principle of least privilege. Also, as I've said before, it should only fall back to using the local password if RADIUS is unavailable.