Alan DeKok wrote:
Martin.Ward@uk.neceur.com wrote:
For the MAC address I want a flat file with just the MAC addresses in it. I have tried using the passwd module and just ignoring the User-Password attribute like so:
passwd mac_address { filename = /var/mac_addresses format = "*User-Name" }
You're also ignoring the authentication method. I suggest adding a User-Password to that table.
I think I'm missing something here between the use of the authenticate and authorize sections. Using the above example, the system that passes the MAC address in to find out if it's valid passes the MAC address in both the User-Name and User-Password fields. I was hoping to be able to get away with just authenticating against the User-Name and having just one field in the table, however if I can't then I can't. As for authorizing, surely for the MAC address checking I don't need to have an authorize section, the authenticate section verifies if the MAC address is in the table or not and if it is, it passes it in? Then again, if I am authenticating against the MAC address and then authorizing against the unix login ID and password, does this mean a given user has to be in BOTH tables to gain access? |\/|artin -- Senior Network Administrator, NEC (Europe) Ltd. Acton extension: 3379 NEC*Net: 800-44-21-3379 Direct: +44 20 8752 3379 Fax: +44 20 8752 3389 Mobile: +44 7721 869 356