How to restrict users /PAM to specific NAS devices??
I am using PAM for Auth-Type. I want to be able to either 1) restrict the devices the user has access to (admins,operators, etc) by username and/or 2) preferably carve into groups my network gear/NAS devices and then assign users to groups. Simply put, I would like to know what I have to do for user1 and user2 that auth via PAM to limit the NAS/Network gear they are allowed to access/authenticate against....I am looking for one straight for example. I would like user1 to be able to access device 10.1.1.1 and user2 to be able to access 10.1.1.2 and 10.1.1.3 and 10.1.1.4..... Thanks, Scott
Ellis, Scott 1 (N-Comptel Inc.) wrote:
I am using PAM for Auth-Type. I want to be able to either 1) restrict the devices the user has access to (admins,operators, etc) by username and/or 2) preferably carve into groups my network gear/NAS devices and then assign users to groups.
See "man rlm_passwd". It's documentation describes how to create groups like this. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (2)
-
Alan DeKok -
Ellis, Scott 1 (N-Comptel Inc.)