User Community Feedback

(ref: https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/broadworks/FD/All/BroadWorksNetworkAdministratorFD-R250.pdf)

Please consider enhancement of this function, to allow for the following:

• Allow users defined on Network Server, with access level 'Network Admin' (NA) to have authentication performed via an external source (e.g. LDAP, RADIUS, etc)

  • External Authentication concept available on OCS is probably not suitable here, as there is no OCS layer bolted into NS for it to decide to sub-delegate authentication/authorisation to

• Allow NA users defined on Network Server to retrieve 'Privilege Scope' via an external source (e.g. LDAP, RADIUS, etc) by mapping attributes/groups/etc that can be returned from the external source to the internal levels (for LDAP), or to parse returned responses from RADIUS (expect them to be strings matching pre-defined scope levels)

• Allow NA users to be dynamically looked up without definition on NS, if an end-user attempts to login with a specific realm/domain. e.g. pre-assign namespace of "@admin.users" such that anyone attempting to authenticate/authorise as "user@admin.users" will automatically trigger a query to the external source, retrieving authorisation data and attempting authentication

• Allow any/all external data sources to be accessible with/without encryption, multiple service points (round-robin, load-balance, etc)

• Stretch Goal: Make it work with all commands within all relevant *_CLI systems (ref: SR691403975) instead of some/most.

Thanks!