FreeRADIUS Version 3.0.7 Hello, I'm migrating to freeradius from Radiator, and the configuration files are very, very different, so I'm looking for some conceptual guidance, or some working examples. Essentially, I'm just not getting it when it comes to configuring a different list of users for each freeradius client. Not sure if I'm supposed to use huntgroups or features within client definitions. The background: We use Radius to authenticate access to Cisco switches (and some APC UPS devices). Our switches are mostly managed solely by a group of admins (users useraa, userbb, and usercc), and a user userdd with read-only access. Our Cisco switches are currently all statically listed as follows (in clients.conf): client coswe008 { ipv4addr = 10.79.161.102 secret = leauth nas_type = cisco } I have a file with our info configured in /etc/raddb/mods-enabled/passwd: passwd fss_passwd { filename = /usr/local/etc/raddb/fss-users.passwd delimiter = | format = "*User-Name:Crypt-Password:=Service-Type:=Cisco-AVPair:=APC-Service-Type" hash_size = 100 ignore_nislike = yes allow_multiple_keys = no } and the contents of fss-users.passwd: # File Format is (extra spaces around the '|' for ease of reading) # User-Name | Crypt-Password | Service-Type | Cisco-AVPair | APC-Service-Type useraa|OwdaaacZLaaaE|NAS-Prompt-User|shell:priv-lvl=15|Admin userbb|OwdbbbcZLbbbE|NAS-Prompt-User|shell:priv-lvl=15|Admin usercc|OwdccccZLcccE|NAS-Prompt-User|shell:priv-lvl=15|Admin userdd|OwddddcZLdddE|NAS-Prompt-User|shell:priv-lvl=1| and this works fine. What I'd like to be able to change, though, is for userdd to have admin access to two of our switches, and read access to all the rest. The essence of this question is how do I customize the user list for each client? Is it a huntgroup, or a conditional include in the clients.conf file? Thanks for what you can offer on this topic, pjc PS - is there an archive for this list that can be searched?