Hello Freerk -
It is possible to do almost anything with Radiator, however in answer to this particular question, I need to know what the network segments described below correspond to in radius terms? Are there different radius client NAS(s) that are located on these different segments? If so you could do something like this:
# define Client clauses
<Client n.n.n.n>
Identifier 141.252.x.x/16
.....
</Client>
<Client m.m.m.m>
Identifier 141.252.19.x/24
.....
</Client>
.....
<Handler Client-Identifier = 141.252.x.x/16>
<AuthBy LDAP2>
.....
</AuthBy>
.....
</Handler>
<Handler Client-Identifier = 141.252.19.x/24>
<AuthBy FILE>
.....
</AuthBy>
.....
</Handler>
There are other possibilities depending on exactly how you need to recognise the network segments.
regards
Hugh
On Wednesday, Mar 19, 2003, at 06:04 Australia/Melbourne, Freerk Bosscha wrote:
Thanks for reading this mail.
�
I would like to do the following:
�
The primary authentication is done with openldap on my linux 8.0 box.
This is for the network 141.252.x.x/16
�
For a small segment 141.252.19.x/24 I would like to use a file-based user authentication.
�
How do I need to set up the
�
Can I use something like:
�
<Realm 141.252.19.0/24>
����������� file authorization
</Realm>
�
<Realm DEFAULT>
����������� ldap authorization
</Realm>
�
�
Thanks for any reply,
�
Freerk Bosscha
Noordelijke Hogeschool Leeuwarden
The Netherlands
�
[EMAIL PROTECTED]
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
