two user authentication groups for one AS
Eric
bbahar3 at gmail.com
Sat Jan 9 13:47:16 CET 2010
Yes you are right but I have some problems in config:
I set a vpn server address in client.conf and in users as:
DEFAULT Client-IP-Address == 192.168.20.13, Auth-Type := Vpn, Autz-Type :=
Vpn,
in radiusd.conf:
ldap ldap-Vpn{
server = "192.168.10.1"
.....
profile_attribute = "vpnProfileDn"
access_attr = "vpnAccess"
....
}
sqlcounter monthly-Vpn {
counter-name = Monthly-Session-Time
check-name = Max-Monthly-Session
sqlmod-inst = sql-Vpn
key = User-Name
reset = monthly
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > %b "
}
Autz-Type Vpn{
ldap-Vpn
monthly-Vpn
}
Auth-Type Vpn{
ldap-Vpn
}
Acct-Type Vpn {
sql-Vpn
}
Now the users that come from this vpn server are the same but there are
parameters in ldap server that are different in admins and other users. I
want give to admins' session-timeout different amount than others, but
counter gives remain of monthly-count to users as session-timeout.
It is good for regular users but how and where I should give this parameter
to admins as different amount?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100109/1b722a60/attachment.html>
More information about the Freeradius-Users
mailing list