Hello, Is it possible for FreeRadius to perform grouping after Kerberos authentication accepted?
My company has many switches and servers and we use kerberos 5 for RADIUS authentication. Once the user is authenticated, RADIUS will check and decide if this user can access the switches or particular servers (i.e. Allow telnet to the switch if the user belongs to the 'switch administrator' group). I've looked in the huntgroup file but it seems to require a lot of works for a very large company (5000+ users), and the problem is we can't touch the Kerberos server. Any help would be appreciated. Thank you Regards, Jason - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html