Grouping similar users to profiles
Natr Brazell
natrbrazell at gmail.com
Thu Jul 29 17:24:53 CEST 2010
I am looking for information on grouping users into profiles/groups. I've
searched around the FAQ's and docs but not finding a clear picture. I've
found how to associate a user with a group of NAS's.
.
Here's the scenario. There is a specfic VSA from Juniper called
Juniper-Local-User-Name. This gets mapped to a locally defined profile on
the NAS. In the users file I have the following:
bob.smith Juniper-Local-User-Name = "tier3",
mary.jane Juniper-Local-User-Name = "tier3",
bobby.sue Juniper-Local-User-Name = "tier3",
Furthermore there is other VSA's such as the Juniper-Allow-Commands and
Juniper-Deny-Commands. So I can do things like:
billy.bob Juniper-Local-User-Name = "tier2",
Juniper-Deny-Commands "(show system alarms)|(show system
software)"
john.doe Juniper-Local-User-Name = "tier2",
Juniper-Deny-Commands "(show system alarms)|(show system
software)"
So to the point, rather than defining each user with the same parameters
every time, can I create a group, for instance TIER3, and associate
User-Name's above to the group. And if so how or point me to some specific
examples.
I am using LDAP also so if there is an LDAP solution same question. Howto?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100729/64971b2d/attachment.html>
More information about the Freeradius-Users
mailing list