Alan or Kevin, found this possible to be done with Autz-Type. First, I have one passwd file which should check the following things: passwd edg_check { filename = /etc/freeradius/pass_check format = "*Realm:~NAS-IP-Address:Autz-Type" } The name of this passwd I have put in authorize section. In the same section I have also created an Autz-Type, like follows: authorzie{ preprocess mschap chap suffix edg_check Autz-Type mt { edg_pass edg_pass_group } } So the content of the 'edg_check' is 'mt:10.5.8.102:mt'. Seems that somewhere is mistake caus' receiving in the debug screen the following information (pay attention to "rlm_passwd: *Unable to create Autz-Type: mt*". What could it mean?): ......................... rlm_realm: Looking up realm "mt" for User-Name = "edg@mt" rlm_realm: Found realm "mt" rlm_realm: Adding Stripped-User-Name = "edg" rlm_realm: Proxying request from user edg to realm mt rlm_realm: Adding Realm = "mt" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 rlm_passwd: *Unable to create Autz-Type: mt* rlm_passwd: Added NAS-IP-Address: '10.5.8.102' to request_items modcall[authorize]: module "edg_check" returns ok for request 0 modcall: group authorize returns ok for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [edg/edg] (from client lalala port 0 cli 10.5.8.106) Thanks a lot, Edgars Alan DeKok wrote:
Edgars <edzix19@inbox.lv> wrote:
i had a thought that I could make so that all my users would have an access to different servers (realms) with possibility to have different passwords. So, I have no idea how to make this except the thought I wrote in one of my today e-mails (about if statement).
It's hard, and it's problematic. I would not recommend doing this.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html