Because I was never sure how to keep em off the other realm. They should all be stuck on realm I put em on -----Original Message----- From: freeradius-users-bounces+jeffa=globalco.net@lists.freeradius.org [mailto:freeradius-users-bounces+jeffa=globalco.net@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Sunday, February 14, 2010 2:43 AM To: FreeRadius users mailing list Subject: Re: Allowing user from one realm but not another Jeff A wrote:
I have three different realms users can login with
For examples they are (foo.net, bar.net, beg.net)
Are all users valid on all realms? If so, why?
Say billy@foo.net <mailto:billy@foo.net> has abused the foo.net realm now I need him solely on the beg.net and disallowing the other two realms. In other words reject him before if he trys to use the old realm again. In other words I want to allow only billy to use this one new realm and be rejected if he trys another realm.
Then you need a rule specifically for that user.
This has to take place I figure in preproxy, cause my users file is authenticated minus the realm in proxy..
You can still access the "Realm" attribute in the "users" file: bob Realm != "foo.net", Auth-Type := Reject Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html