29 Jun
2010
29 Jun
'10
3:30 a.m.
Ömer Tuğrul wrote:
My question is; How can I seperate network management authentication and internet access authentication rights? I mean, I don't want that some ldap users to console my network devices. I just want to allow them to authenticate internet access and some ldap users may console to devices.
What is different in the Access-Request? i.e. when a normal user logs in, what does the packet look like? When a user logs in via the console, what does the packet look like? Find out the differences, and write "unlang" rules to check for them. if (looks like normal user) { do normal user things... } Alan DeKok.