Sergio Belkin wrote: > 2009/6/5 John Dennis <[email protected]>: >> Sergio Belkin wrote: >>> Hi, >>> >>> Let's suppose that John Doe comes and login with jdoe uid, then Joe >>> comes and wants to use wireless network, but he has not entry neither >>> Ldap nor in radius users file, so he ask for jdoe that pass him its >>> uid and password to login. Sorry if that sounds somewhat stupid but >>> can we prevent that from radius? (please don't tell me to fire John >>> Doe ;) ). >>> >> I don't understand the problem or what you're trying to solve. So what >> if Joe mistakenly tries to used John's username, it won't work as he >> won't know Joe's password. This is no different than an attempted >> network break in which should be prevented by locking your resources >> down and ensuring strong passwords. Never in any instance will resources >> authorized for one user be granted to another user unless you've >> configured something wrong. If the problem is that both John and Joe >> want the same username then one needs to explain to Joe that username is >> already in use and he'll have to use another one. >> >> -- >> John Dennis <[email protected]> >> > > > What I meant if that employee John pass his coworker Joe their > credentials, both user and password, well that could not be so > terrible. Now, let's suppose then that your company organize an event > an come 100 people, they want to use wireless network, so John comes > and has the "great" idea of passing their credentials to attendants, > so you have more than 100 people using the same uid and password at > once... > >
Read the FAQ (http://wiki.freeradius.org/FAQ) and search for "simultaneous" -- John Dennis <[email protected]> Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
