Hi experts,

I'm testing Radiator/TACACS+ via authentication from AD with ADSI.
I'd like to make it so that only a member of a group in AD can be authenticated.
Can someone take a look at the following config and see if there are any errors?

Thanks in advance.

So, here is my radius.cfg where I need your expertise.

<AuthBy ADSI>
      Identifier ADSI
      BindString LDAP://ou=Users,ou=xxx Users,dc=xx,dc=xx,dc=xx
      AuthUser %0
      AuthFlags 1
</AuthBy>

<ServerTACACSPLUS>
      AddToRequest NAS-Identifier=TACACS
      GroupMemberAttr tacacsGroup
      AuthorizationTimeout 600
      BindAddress 0.0.0.0
      GroupCacheFile %L/radiator-tacacs-usergroup.cache
      IdleTimeout 180
      MaxBufferSize 100000
      PasswordPrompt Password:
      Port 49
      SingleSession 1
      UsernamePrompt Username:

      <Log FILE>
            Filename %L/logfile-tacacs
            Trace 4
      </Log>
</ServerTACACSPLUS>

<Handler NAS-Identifier=TACACS>
      <AuthBy FILE>
            Filename %D/users.groups
      </AuthBy>
      AcctLogFileName %D/detail
</Handler>

Here is users.groups:

DEFAULT Auth-Type=ADSI, Group="networking_staff"


_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
