separating Users?
Tim Sylvester
tim.sylvester at networkradius.com
Mon Nov 30 21:01:40 CET 2009
Read the comments in the huntgroups file in the raddb directory. This will
show you how to setup a huntgroup which can be used to authorize users based
on the switch (NAS) sending the authentication request.
Tim
> -----Original Message-----
> From: freeradius-users-
> bounces+tim.sylvester=networkradius.com at lists.freeradius.org
> [mailto:freeradius-users-
> bounces+tim.sylvester=networkradius.com at lists.freeradius.org] On Behalf
> Of freeradius at corwyn.net
> Sent: Monday, November 30, 2009 11:54 AM
> To: FreeRadius users mailing list
> Subject: separating Users?
>
>
>
>
> There's a piece of RADIUS that I'm not understanding.
>
> If I have an entry in my ./users file
> DEFAULT Auth-Type:=Accept,Ldap-Group == "Group1"
> Service-Type=NAS-Prompt-User,cisco-avpair="shell:priv-
> lvl=15"
>
> And another entry
> DEFAULT Auth-Type:=Accept,Ldap-Group == "Group2"
> Service-Type=NAS-Prompt-User,cisco-avpair="shell:priv-
> lvl=15"
>
> where I'm trying to authorize users in Group1 for one set of
> switches, and users in Group2 for another set of switches, how does
> freeradius know which is which?
>
> Rick
>
>
>
>
> Rick Steeves
> http://www.sinister.net
>
> In reality nothing is more damaging to the adventurous spirit within
> a man than a secure future - Alexander Supertramp
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list