hello everybody.
i am currently setting up a radius-server using freeradius 0.5 under redhat
7.1 for several cisco-routers. well, at least i'm trying to.
currently, i've got huntgroups working, but it's quite uncomfortable to
handle adding a not-so-small-list of users under every NAS-IP-Address in
the huntgroups-file. It gets quite monstrous and unreadable.
when i set this server up i tried to $INCLUDE a list of users (editable,
extra textfile for every huntgroup) under every NAS-IP-Address, but that
didn't work the way i wanted (acutally, it did not work at all - which
means that even users whose huntgroup-access did not match were able to
logon to the system). to display what i mean:
---file: huntgroups (now)
hgr NAS-IP-Address == 10.1.1.1
User-Name = "acre",
User-Name = "hunbun",
[...]
etc.
what did not work was this:
hgr NAS-IP-Address == 10.1.1.1
$INCLUDE users.allow
hgr NAS-IP-Address == 10.1.1.2
$INCLUDE users.allow
etc.
i'm now looking for a way to cut those files down to a minimum (design it
to be more comfortable for admins like me :) and organize it in a way that
makes the files more comfortable to read and more "scriptable", perhaps, to
add users/systems, delete users/systems etc.
i'll gladly appreciate ideas, tips and hints.
thank you very much in advance.
kind regards,
m. pawlowski.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
