How to transfer authentication method from system to mysql?
darkblue
darkblue2000 at gmail.com
Sun Dec 4 14:38:50 CET 2005
Hi experts,
I got a problem when using freeradius for authentication network staff
to login the network device.
we have two type of devices, 3com and cisco, they are have difference
VSA,at the same time, the network staff are divided into two group:
admin and monitor, the admin have the read/write privilige, the
monitor should only have read privilige.So I use such users file:
/etc/freeradius/users
DEFAULT Auth-Type := System, Group == "admin", Huntgroup-Name == "cisco"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=15",
Login-Service = Telnet
DEFAULT Auth-Type := System, Group == "monitor",
Huntgroup-Name == "cisco"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=1",
Login-Service = Telnet
DEFAULT Auth-Type := System, Group == "admin", Huntgroup-Name == "3com"
Login-Service = Telnet,
3Com-User-Access-Level = 3
DEFAULT Auth-Type := System, Group == "monitor",
huntgroup-Name == "3com"
Login-Service = Telnet,
3Com-User-Access-Level = 1
and create 4 accounts within debian linux, for example, aaa, bbb, ccc,
ddd. aaa and bbb are member of admin group, ccc and ddd are member of
monitor group,
debian sarge linux group info
/etc/group(debian linux)
admin:x:1001:aaa,bbb
monitor:x:1010:ccc,ddd
the /etc/huntgroup:
cisco NAS-IP-Address == 192.168.1.1
cisco NAS-IP-Address == 192.168.1.2
cisco NAS-IP-Address == 192.168.1.3
3com NAS-IP-Address == 192.168.1.4
3com NAS-IP-Address == 192.168.1.5
3com NAS-IP-Address == 192.168.1.6
this kind of configuration work just fine. and now, I would like to
use mysql for user db backend. So I got two problem.
1. could mysql utilize the huntgroup file?
2. how to transfer this user info , group check and group reply info
into mysql?
--
He is nothing
--
He is nothing
More information about the Freeradius-Users
mailing list