When a RADIUS authentication attempt succeeds, the Dominion KSX determines the permissions for a given user based on the permissions of the user's group.
Your remote RADIUS server can provide these user group names by returning an attribute, implemented as a RADIUS FILTER-ID. The FILTER-ID should be formatted as follows: Raritan:G{GROUP_NAME} where GROUP_NAME is a string denoting the name of the group to which the user belongs.
Raritan:G{GROUP_NAME}:D{Dial Back Number}
where GROUP_NAME is a string denoting the name of the group to which the user belongs and Dial Back Number is the number associated with the user account that the Dominion KSX modem will use to dial back to the user account.