You can use FreeRadius as the authentication and authorization realm for admin users on the Management Center (MC)
Symantec Management Center and FreeRadius running on Debian system.
There are many publicly available guides for FreeRadius installation. As and example you can follow the steps here to install the FreeRadius service on Debian. Once the installation is complete the important files are stored at:
/etc/freeradius/radiusd.conf Includes the radius service configuration
/etc/freeradius/users Includes the radius user configuration. The MC recognizes two attributes. Blue-Coat-Group and Blue-Coat-Authorization. This means that we need to define these two values in the users file as in the below example:
The first attribute has the string of "Administrators" which is a default group defined on the MC. You can change this but you have to make sure that on both sides the string matches. Since this is a UNIX based service the strings are case sensitive. If you want a user that will only be able to run reports you can define a group on MC called Monitor, add theappropriate rights on the MC under the Roles settings,and create a user on FreeRadius as below:
The second attribute cannot be changed on the MC. It is there by default and it is also in the VCP file you can download on the Symantec's download portal-https://support.symantec.com.
NOTE: If you do not define the Blue-Coat-Authorization attribute the user will be able to login (authenticate) but won't able to do anything (no authorization).
/etc/freeradius/clients.conf Includes the clients configuration. In Radius , clients are the devices that authenticate the user against the Radius server. In this case it is the MC. The clients can be defined as below: