mysql huntgroups Access-Reject
GeneTitus
gene at ots.utsystem.edu
Wed Dec 15 18:08:45 CET 2010
Greetings from Texas.
I'm setting up freeradius to authenticate/authorize network engineers to log
into cisco and juniper devices. Some devices we share with other
organizations. I need to be able to allow some engineers access to some
devices and not others. I'm running on redhat with Mysql as the backend.
I'll will be writing a web front end to manage our radius server(s) once I
get a working configuration for our situation..
I have freeradius 2.1.7. That's the rpm for redhat 5.4.
I have radcheck and radreply working. (username and password checking)
I have radusergroup, radgroupcheck, radgroupreply working if I populate the
huntgroups flat file with appropriate information.
I can set shell:privs on ciscos for a specific user based on group
membership via radgroupreply.
As I understand it, if I move huntgroups out of the flat file (preprocess)
and into mysql, I loose the ability to send an Access-Reject based on
huntgroups.
Is that correct?
Thanks,
Gene Titus
The Office of Telecommunication Services
The University of Texas at Austin
--
View this message in context: http://freeradius.1045715.n5.nabble.com/mysql-huntgroups-Access-Reject-tp3306623p3306623.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list