Good Afternoon;
I am looking at different ways to authorize users using
local resources. I would like to create various Text files (like
foundry.acl, juniper.acl etc etc) with a list of kerberos principles contained
within (each principle separated by new line).
When a user attempts to authenticate from a given IP range
the radius engine will authorize the user against the appropriate acl file, if
the user is contained within the acl file then they are allowed and certain
vendor specific attrs are sent back with the acess accept.
Basically I would like to create "groups" to authorize
access to different devices accross the network, LDAP is not an option and
moving forward with a SQL db seems a bit over kill.
Larry