On 13.2.2020 21.02, Johnson, Neil M wrote:
Is the following snippet radius.cfg and users file workable?
I have not tested it yet, but I thought I'd mention a couple of examples from goodies right away.
The goal is to have users authenticate with a unix account and then based on their unix group membership, assign different privilege levels to the switch CLI (cisco).
You may also want to see authorize-group1.cfg and authorize-group2.cfg in goodies in case you would be interested in using something else than unix accounts. This is not to say your configuration does not work, but they might be useful to see because there were group authorisation updates in release 4.20:
- GroupFilename config parameter was added for AuthBy FILE; and - a completely new check item Group-Authorization was added These are mentioned in version history too. See changes for 4.20: https://open.com.au/radiator/history.html Thanks, Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory, EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc. _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
