separating Users?

Tim Sylvester tim.sylvester at networkradius.com
Mon Nov 30 21:01:40 CET 2009


Read the comments in the huntgroups file in the raddb directory. This will
show you how to setup a huntgroup which can be used to authorize users based
on the switch (NAS) sending the authentication request.

Tim

> -----Original Message-----
> From: freeradius-users-
> bounces+tim.sylvester=networkradius.com at lists.freeradius.org
> [mailto:freeradius-users-
> bounces+tim.sylvester=networkradius.com at lists.freeradius.org] On Behalf
> Of freeradius at corwyn.net
> Sent: Monday, November 30, 2009 11:54 AM
> To: FreeRadius users mailing list
> Subject: separating Users?
> 
> 
> 
> 
> There's a piece of RADIUS that I'm not understanding.
> 
> If I have an entry in my ./users file
> DEFAULT         Auth-Type:=Accept,Ldap-Group == "Group1"
>                  Service-Type=NAS-Prompt-User,cisco-avpair="shell:priv-
> lvl=15"
> 
> And another entry
> DEFAULT         Auth-Type:=Accept,Ldap-Group == "Group2"
>                  Service-Type=NAS-Prompt-User,cisco-avpair="shell:priv-
> lvl=15"
> 
> where I'm trying to authorize users in Group1 for one set of
> switches, and users in Group2 for another set of switches, how does
> freeradius know which is which?
> 
> Rick
> 
> 
> 
> 
> Rick Steeves
> http://www.sinister.net
> 
> In reality nothing is more damaging to the adventurous spirit within
> a man than a secure future -  Alexander Supertramp
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list