Authenticate users from multiple realms on the same NAS

Francois-Xavier GAILLARD fx.gaillard at thefox.com.fr
Fri Aug 11 23:36:43 CEST 2006


Le Fri, Aug 11, 2006 at 02:48:33PM -0400, Alan DeKok ecrivait:
> Scott Lambert <lambert at lambertfam.org> wrote:
> > I was thinking about putting everything into mysql/postgresql databases.
> 
>   That gets a little harder, because you effectively have 3 passwords
> for the user, and want any one of them to work.  Th eserver sn't
> really set up to do that right now...
> 
>   It could be done with a little bit of work, which isn't hard, but
> it's a rare enough request that it hasn't been done until now.

I would do it that way:

I would use hints file to rewrite the User-Name depending on the
Called-Station-ID and Medium-Type.

This way you could:

- rewrite dialup user bob into bob at isp1 when Called-Station-Id is present
- rewrite DSL user bob into at isp2 when Called-Station-Id isn't present

This way you can have bob at isp1 and bob at isp2 into the same database
without any problem.

It's a bit tricky, any easier way Alan ?

Regards,
Fox.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060811/963a519d/attachment.pgp>


More information about the Freeradius-Users mailing list