Exec and ntlm_auth
freeradius at corwyn.net
freeradius at corwyn.net
Thu Nov 26 00:17:09 CET 2009
At 05:57 PM 11/25/2009, Rick Steeves wrote:
>I have the cisco configured per that guide already . However, I
>don't want to put user / password info in the users file, because
>that would defeat part of the model of centralized authentication to
>AD. So I want that to feed authentication back to radius > AD as well.
Perhaps my question is how to integrate
Per User Privilege Level
You can also send the privilege level (enable mode is level 15) for
individual users as a reply item to automatically put them into that
level with cisco-avpair = "shell:priv-lvl=15"
You can do this with an entry in your users file similar to the following
youruser Cleartext-Password := "somepass"
Service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=15"
into the AD part, instead of into the users file? I had planned to
just use AD security groups ....
rick
>Rick
More information about the Freeradius-Users
mailing list