mpd+freeradius+AD

Nikos Vassiliadis nvass at teledomenet.gr
Mon Jun 26 12:22:24 CEST 2006


On Monday 26 June 2006 09:55, Егоров Сергей wrote:
> Hi all! I have completed setup of mpd+freeradius+AD 2003. Now my users
> authenticating from Active Directory, if they are members of specific
> group. But I still have some questions:
>
> 1.	How to make a different timeouts for different groups in AD
> 2.	How to appoint special IP for special users
> 3.	How to restrict users to access only to defined IP in my network

You can use one of the three firewalls avaliable in the base system(ipfw, ipf
and pf), however mpd comes with a small dictionary  that uses ipfw(8) and you
can easily define some filter bound to an interface (bound to a username) via a
radius reply attribute, let filter be a pipe(for bandwidth control) or a packet
filtering expression. So, if you want different rules for different usernames
ipfw is the sensible packet filter to use.

You can find the radius section of mpd, here:
http://www.bretterklieber.com/mpd/doc4/mpd28.html

Your questions don't clearly tell where your problem is.
Active Directory? mpd? or FreeRADIUS? You should define
them better in order to get help from the list.

HTH a bit, Nikos



More information about the Freeradius-Users mailing list