New user level privilege(SM_ADMIN) has been added for radius based authentication which provides different roles in AP and SM.
User can be added to radius server with Cambium-Canopy-UserLevel as 6 which is SM_ADMIN and this user can have readwrite access in SM and readonly access in AP.
This feature is available from 15.1.1.
CONFIGURATION:
AP and SM should be configured to use radius server for authentication.
AP:
SM:
In freeradius server, Open /etc/freeradius/user and add the user
Example-1: BS ReadOnly and CPE ReadWrite
In this example UserMode is set as 0 which is readwrite, but since Userlevel is SM_ADMIN(6), user1 will have readonly access in AP and readwrite access in SM
Text to be added in /etc/freeradius/user:
"user1" Cleartext-Password := "Cambium123"
Cambium-Canopy-UserLevel = "6",
Cambium-Canopy-UserMode = "0
AP:
SM:
Example-2: BS ReadOnly and CPE ReadOnly
Here usermode is set as 1 which is readonly, so user2 will have readonly access in both AP and SM.
Text to be added in /etc/freeradius/user:
"user2" Cleartext-Password := "Cambium123"
Cambium-Canopy-UserLevel = "6",
Cambium-Canopy-UserMode = "1"
AP:
SM:
Example-3: BS ReadOnly and CPE ReadWrite
Here since usermode is not specified, it will take the default usermode which is readwrite. This is similar to Example 1.
Text to be added in /etc/freeradius/user:
"user3" Cleartext-Password := "Cambium123"
Cambium-Canopy-UserLevel = "6"
AP:
SM:
Example-4: BS ReadWrite and CPE ReadWrite
Now if we want the user to have readwrite access in both AP and SM, UserLevel should be changed to administrator(3)
Text to be added in /etc/freeradius/user:
"user4" Cleartext-Password := "Cambium123"
Cambium-Canopy-UserLevel = "3",
Cambium-Canopy-UserMode = "0
AP:
SM: