Hosts restriction with FreeRadius and OpenLDAP
tnt at kalik.net
tnt at kalik.net
Thu Jan 29 14:02:10 CET 2009
>I'm setting up a freeradius configuration for authenticating users on a
>number of technologies (pix, nokia, ...). Users accounts are stored in a
>backend OpenLDAP.
>
>I'm willing to allow users to authenticate to specific machines, that I
>would like to choose and administrer from the accounts on the LDAP server
>(in a centralized manner).
>
>Is this possible, and how could I implement it?
Create a huntgroup with IPs of the machines from which administartors can
log in. Then add to users file:
DEFAULT Ldap-Group = admin_group,Huntgroup-Name != whatever, Auth-Type
:= Reject
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list