MAC authorisation (but not authentication) via LDAP
Hi.
Probly just me not understanding...
What I want is for our switches to only allow access to MAC addresses in
our LDAP database.
I don't want to store passwords on our LDAP host entries.
I'm set up to check LDAP during authorisation, and it correctly returns
authorised / not authorised depending on whether the appropriate
attribute contains the right value.
The trouble comes with authentication - either I set Auth-Type :=
Accept, in which case and failed authorisation is overridden, or I allow
authentication to carry on against LDAP ( or System, or whatever ), in
which case it fails always and access is denied, even for authorised MACs.
Is there a way to make the Authorisation part final and authoritative?
As I say, probly just being stoopid.
Mart
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.