Hi experts,
I got a problem when using freeradius for authentication network staff
to login the network device.
we have two type of devices, 3com and cisco, they are have difference
VSA,at the same time, the network staff are divided into two group:
admin and monitor, the admin have the read/write privilige, the
monitor should only have read privilige.So I use such users file:
/etc/freeradius/users
DEFAULT Auth-Type := System, Group == "admin", Huntgroup-Name == "cisco"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=15",
Login-Service = Telnet
DEFAULT Auth-Type := System, Group == "monitor",
Huntgroup-Name == "cisco"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=1",
Login-Service = Telnet
DEFAULT Auth-Type := System, Group == "admin", Huntgroup-Name == "3com"
Login-Service = Telnet,
3Com-User-Access-Level = 3
DEFAULT Auth-Type := System, Group == "monitor",
huntgroup-Name == "3com"
Login-Service = Telnet,
3Com-User-Access-Level = 1
and create 4 accounts within debian linux, for example, aaa, bbb, ccc,
ddd. aaa and bbb are member of admin group, ccc and ddd are member of
monitor group,
debian sarge linux group info
/etc/group(debian linux)
admin:x:1001:aaa,bbb
monitor:x:1010:ccc,ddd
the /etc/huntgroup:
cisco NAS-IP-Address == 192.168.1.1
cisco NAS-IP-Address == 192.168.1.2
cisco NAS-IP-Address == 192.168.1.3
3com NAS-IP-Address == 192.168.1.4
3com NAS-IP-Address == 192.168.1.5
3com NAS-IP-Address == 192.168.1.6
this kind of configuration work just fine. and now, I would like to
use mysql for user db backend. So I got two problem.
1. could mysql utilize the huntgroup file?
2. how to transfer this user info , group check and group reply info
into mysql?
--
He is nothing
--
He is nothing
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
