Hi We used to list all our fifty thousand usernames individually in the users file, but this made it quite large so following advice on this mailing list I decided to use rlm_passwd instead. This seems to work very well and the file size is much smaller. I have configured my passwd style users file as follows :- passwd york_passwd { filename = /etc/raddb/yorkpasswd format = "*Stripped-User-Name:NT-Password:Crypt-Password" hashsize = 100000 ignorenislike = yes } However, I would now like to restrict access to a particular NAS device to a particular set of users and I am not sure how best to go about this. If these users were still listed in the users file I could do something like this for users allowed access :- user1 NT-Password := "blah", Crypt-Password := "blah" ...and this for disallowed users :- user2 NT-Password := "blah", Crypt-Password := "blah", NAS-Identifier != restrictednas Could anybody suggest a solution using my rlm_passwd setup? Thanks -- Ben Thompson University of York
B Thompson <bt4@york.ac.uk> wrote:
However, I would now like to restrict access to a particular NAS device to a particular set of users and I am not sure how best to go about this.
Create a group, and put those users into that group, also using rlm_passwd. You could add a new file, or simply add the group name as another field in the current file. See "man rlm_passwd" for examples. Alan DeKok.
participants (2)
-
Alan DeKok -
B Thompson