Greetings:
I wonder if there is a way to get administrators authenticated by a raduis or tacas server to get access to winbox with a specific privilege. In a large Mikrotik deployment how can administrator changes be tracked and how can we restrict admin/users roles.
Thank you
See https://wiki.mikrotik.com/wiki/Manual:Router_AAA#Remote_AAA for RADIUS
You can set a default user group for all logins, maybe read only, and then override that in the radius response.
eg set MikroTik-Group = full
Hope that helps
Nick
Thank you nick will try it.
One more question, can the router os be a raduis server to different switches/routers?