rlm_passwd usage

B Thompson bt4 at york.ac.uk
Thu Jul 13 18:02:31 CEST 2006


We used to list all our fifty thousand usernames individually in the
users file, but this made it quite large so following advice on this
mailing list I decided to use rlm_passwd instead. This seems to work
very well and the file size is much smaller. I have configured my
passwd style users file as follows :-

passwd york_passwd {
       filename = /etc/raddb/yorkpasswd
       format =	"*Stripped-User-Name:NT-Password:Crypt-Password"
       hashsize = 100000
       ignorenislike = yes

However, I would now like to restrict access to a particular NAS
device to a particular set of users and I am not sure how best to go
about this. If these users were still listed in the users file I could
do something like this for users allowed access :-

user1 NT-Password := "blah", Crypt-Password := "blah"  

...and this for disallowed users :-

user2 NT-Password := "blah", Crypt-Password := "blah", NAS-Identifier != restrictednas

Could anybody suggest a solution using my rlm_passwd setup?



Ben Thompson
University of York

More information about the Freeradius-Users mailing list