Hello, I am new to Radius and Free Radius, so forgave me if this question
has been asked or it is crazy.
We are in process of change all our
authentication and authorization.
At the moment every "service" has it's own
user-id/password database. Thus
authentication/authorization per service is
simple. want to deny access to a
given user, disable his/her password or
that service.
As you can imagine this has a big overhead and users have to
remember many
user-id/password per.
Can we use Radius/LDAP to do
this.
What I was hope we can do is as follow:
everyone will get one
user-id/password But for every service we will create
a boolean attribute.
All services, dialup/wireless/vpn/etc will use one
radius server for both
Auth(authenticate/authorize).
The question is can FreeRadius(or any radius)
be configured to as the LDAP
for the correct service attribute and give
access both base on the
user-id/password and what the value of the
services?
Thank you all for your help.