Specifications
116 Advanced Operations
Installation and Operations Manual
Vendor-Specific Attributes (VSA):
Server Technology has defined and formatted RADIUS vendor-specific attributes (VSA) in the
dictionary.sti file, which is available from Server Technology. The PT22 unit is configured to
recognize and use the configuration values in the file as specified by the network administrator,
indicating to the RADIUS server that the defined attributes are based on Server Technology’s unique
enterprise vendor code.
Using the format of the dictionary.sti file (located on the Server Technology FTP site at
ftp.servertech.com, the PT22 RADIUS implementation supports the following vendor-specific
attributes:
Vendor-Specific Attribute (VSA) Descriptions
Attribute Description
STI-Access-Level Indicates user access level for the PT22; values are 1-6 as follows; a valid access
level is required or access to the unit is denied.
Valid Access Levels:
1 = Admin
2 = Power User
3 = User
4 = Reboot Only
5 = On Only
6 = View Only
STI-Env-Mon Determines user access rights to environmental monitoring; values are Yes or No. For
the STI-Access-Level value other than 1 (Admn), if STI-Env-Mon is not included for a
user, default is no.
STI-Outlets Specifies user access rights to outlets; values are space-delimited strings of absolute
IDs, names, or the special keyword “ALL”. String values are case-sensitive and limited
to 253 characters. This attribute can be repeated to append strings that declare
additional access rights. For STI-Access Level values other than 1 (Admn) and 2
(Power User), if STI-Outlets is not included for a user, the default is no outlet.
STI-Groups Specifies user access rights to groups of outlets; values are space-delimited strings of
absolute IDs, names, or the special keyword “ALL”. String values are case-sensitive
and limited to 253 characters. This attribute can be repeated to append strings that
declare additional access rights. For STI-Access Level values other than 1 (Admn)
and 2 (Power User), if STI-Groups is not included for a user, the default is no group.
STI-Ports Specifies user access rights to ports; values are space-delimited strings of absolute
IDs, names, or the special keyword “ALL”. String values are case-sensitive and limited
to 253 characters. This attribute can be repeated to append strings that declare
additional access rights. For STI-Access Level values other than 1 (Admn) and 2
(Power User), if STI-Ports is not included for a user, the default is no ports.
NOTE: User access levels must be configured using the dictionary.sti file. If the administrator does not use the
dictionary.sti file to configure a user, the user will not have access rights to the PT22.
Examples:
Administrator with full access and configuration rights:
sti-admin Auth-Type := Local, User-Password == "admin"
STI-Access-Level = Admin
Power user with environmental monitoring allowed and full outlet/group/port access rights:
sti-power Auth-Type := Local, User-Password == "power"
STI-Access-Level = Power-User,
STI-Env-Mon = Yes
User with environmental monitoring not allowed and specific outlet/group/port access rights:
sti-user Auth-Type := Local, User-Password == "user"
STI-Access-Level = User,
STI-Env-Mon = No,
STI-Outlets = ".A1 .A2 Rtr1 Rtr2 Srvr1 Srvr2",
STI-Outlets += ".A3 .A4 Rtr3 Rtr4 Srvr3 Srvr4",
STI-Groups = "Routers Servers",
STI-Ports = "Console"
View-only user with environmental monitoring allowed and all outlet and group access rights:
sti-view Auth-Type := Local, User-Password == "view"
STI-Access-Level = View-Only,
STI-Env-Mon = Yes,
STI-Outlets = "ALL",
STI-Outlets = “ALL”