Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Hi Alan,
Thanks for the simplifications - I've put those in.
I have done lots more reading and testing and found that any attribute I
check for in a group file which has type ipaddr fails. I cannot see why this
is.
When debug
@lists.freeradius.org] On
Behalf Of Alan DeKok [al...@deployingradius.com]
Sent: 07 July 2010 11:16
To: FreeRadius users mailing list
Subject: Re: Restricting certain users access to certain NAS devices
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Hi Alan,
Thanks
: Restricting certain users access to certain NAS devices
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Thanks Alan. I've got that bit working now.
However, I can't get my check on the NAS-IP-Address attribute to work.
I now have this config:
OK... that should configure two groups.
File
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Thanks Alan. I've got that bit working now.
However, I can't get my check on the NAS-IP-Address attribute to work.
I now have this config:
OK... that should configure two groups.
File sites-enabled/default - post-auth section
@lists.freeradius.org] On
Behalf Of Alan DeKok [al...@deployingradius.com]
Sent: 27 May 2010 17:02
To: FreeRadius users mailing list
Subject: Re: Restricting certain users access to certain NAS devices
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Sorry, I should have mentioned I already tried man
users access to certain NAS devices
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
The idea is that superusers are allowed to login to any of the 200 network
devices whilst users are only allowed to login to a subset of say 50 devices.
It's straightforward enough for the superusers
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
Sorry, I should have mentioned I already tried man rlm_passwd and couldn't
figure it out.
I've been through it again and have made the following changes:
1. created a file /etc/raddb/path_group
Whitmarsh Mark (Leeds Teaching Hospitals NHS Trust) wrote:
The idea is that superusers are allowed to login to any of the 200 network
devices whilst users are only allowed to login to a subset of say 50 devices.
It's straightforward enough for the superusers and works fine but I'm stumped
on
8 matches
Mail list logo