Hi,
I have Freeradius 1.1.6 running on FreeBSD. I authenticate users from a users
file, not from a database. I have three default realms setup in the realms file
and at the top of the users file like so:
DEFAULT Realm == jellico.net
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-Compression = None,
Framed-MTU = 1500,
Fall-Through = 1
DEFAULT Realm == jellico.com
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-Compression = None,
Framed-MTU = 1500,
Fall-Through = 1
Then a list of users follows. Here's one example:
lisa Auth-Type = Local, Password == xxxxxxx
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-Compression = None,
Framed-MTU = 1500,
Slipstream-Auth = "true"
The way things are setup now, any user can log in with any of the realms I have
defined. For example, I (username lisa) could login as [EMAIL PROTECTED] and
then turn around and login as [EMAIL PROTECTED] My boss would like me to
restrict this so that (for example) lisa could log in as [EMAIL PROTECTED] but
not [EMAIL PROTECTED]
With my setup, can I do this easily (or at all)? If this is possible, please
give me some idea of how to go about doing this.
Thanks,
Lisa Casey
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
