users rights seperations
Alan DeKok
aland at deployingradius.com
Tue Jun 29 09:30:55 CEST 2010
Ömer Tuğrul wrote:
> My question is;
> How can I seperate network management authentication and internet access
> authentication rights? I mean, I don't want that some ldap users to
> console my network devices. I just want to allow them to authenticate
> internet access and some ldap users may console to devices.
What is different in the Access-Request?
i.e. when a normal user logs in, what does the packet look like? When
a user logs in via the console, what does the packet look like?
Find out the differences, and write "unlang" rules to check for them.
if (looks like normal user) {
do normal user things...
}
Alan DeKok.
More information about the Freeradius-Users
mailing list