26 May
2010
26 May
'10
1:53 p.m.
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
The idea is that superusers are allowed to login to any of the 200 network devices whilst users are only allowed to login to a subset of say 50 devices. It's straightforward enough for the superusers and works fine but I'm stumped on how to handle the others. I have tested the following OK in sites-enabled/default:
Groups. See "man rlm_passwd". Create RADIUS-specific groups, and check them. Users can be in a group, *or* NASes. Alan DeKok.