Hello Firas -
Thanks for sending the configuration file.
Here is how to do what you require:
# configure AuthBy UNIX with Identifier for later use
<AuthBy UNIX>
Identifier check_shadow
Filename /etc/shadow
</AuthBy>
# configure AuthBy UNIX with Identifier for later use
<AuthBy UNIX>
Identifier check_coolpass
Filename /etc/coolpass
</AuthBy>
# configure AuthBy FILE with Identifier for later use
<AuthBy FILE>
Identifier check_shadow_sim_use
DefaultSimultaneousUse 1
Filename %D/users.shadow
</AuthBy>
# configure Realms
<Realm DEFAULT>
AuthBy check_shadow_sim_use
</Realm>
<Realm cool>
RewriteUsername s/^([^@]+).*/$1/
AuthBy check_coolpass
AcctLogFileName ./cooldetail
MaxSessions 1
</Realm>
Then in the file %D/users.shadow, you would have this:
# file %D/users.shadow
# only users with sim-use != 1 are defined here
DEFAULT Auth-Type = check_shadow
someuser Simultaneous-Use = 2, Auth-Type = check_shadow
anotheruser Simultaneous-Use = 3, Auth-Type = check_shadow
......
hth
Hugh
On Mon, 09 Oct 2000, Firas Emsaytif wrote:
> Hello,
>
> Thanks for the reply , below is my configuration. I need to authenticate two
> groups each from diffrent unix file.
>
> I need to allow SOME users in "/etc/shadow" to have more than one session
> allowed, i.e I can allow it as an option for some of those users listed in
> "/etc/shadow" while the rest of users have only one session allowed, as
> implied in the below configuartion.
>
> ================================================
> # simple.cfg
> #
> # Example Radiator configuration file.
> # This very simple file will allow you to get started with
> # a simple system. You can then add and change features.
> # We suggest you start simple, prove to yourself that it
> # works and then develop a more complicated configuration.
> #
> # This example will authenticate from a standard users file in
> # the current directory and log accounting to a file in the current
> # directory.
> # It will accept requests from any client and try to handle request
> # for any realm.
> # And it will print out what its doing in great detail.
> #
> # See radius.cfg for more complete examples of features and
> # syntax, and refer to the reference manual for a complete description
> # of all the features and syntax.
> #
> # You should consider this file to be a starting point only
> # $Id: simple.cfg,v 1.3 2000/02/15 07:07:54 mikem Exp $
>
> Foreground
> LogStdout
> LogDir .
> DbDir .
> # User a lower trace level in production systems:
> Trace 4
>
> # You will probably want to change this to suit your site.
> <Client DEFAULT>
> Secret mysecret
> DupInterval 0
> </Client>
>
> <Realm DEFAULT>
> <AuthBy UNIX>
> Filename /etc/shadow
> </AuthBy>
> # Log accounting to the detail file in LogDir
> AcctLogFileName ./%c/detail
> MaxSessions 1 # HOW CAN I EXCLUDE SOME USERS FROM THIS LIMIT
> </Realm>
>
> <Realm cool>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy UNIX>
> Filename /etc/coolpass
> </AuthBy>
> AcctLogFileName ./cooldetail
> MaxSessions 1
> </Realm>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
