Hello Alan,
On Wed, 9 Jan 2002 10:38, Joanne Davis wrote:
> > >Received: from niaws.magnet.mt ([217.30.97.15])
> >
> > by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g08BwB331598
> > for <[EMAIL PROTECTED]>; Tue, 8 Jan 2002 05:58:11 -0600
> >X-Map-MIXER-Originators: false
> >To: "Joanne Davis"
> > <[EMAIL PROTECTED]>
>
> From: "Attard Alan at MITTS"
>
> > <[EMAIL PROTECTED]>
> >Date: 8 Jan 2002 14:41:00 +0100
> >Subject: Re(2): Radiator Evaluation Request
> >Envelope-ID: [EMAIL PROTECTED]
> >X-Mailer: TeamWARE Connector for MIME
> >
> >Hi Joanne,
> >
> >We have just started testing Radiator in our testing setup. Please find
> >attached our proposed setup.
> >We currently have the same setup, but using Microsoft IAS as our Radius
> >Server.
> >
> >We have managed to authenticate using Radiator with Microsoft Active
> > Directory with a very basic configuration,
> >but we still need lots of configuration.
> >
> >Our Active Directory users reside in different OU's according to there
> > site, eg. CN=user1,OU=site1,DC=isp,DC=mitts,DC=net
> > CN=user2,OU=site2,DC=isp,DC=mitts,DC=net
> >
> >We have different Groups assigned to the users to specify different
> > Policy, eg. GROUP->FullTimeHTTP gives 24hr accees
> > GROUP->AfternoonHTTP gives access from 12:00 to 20:00
> >
> >We still didn't figure out how to assign these different policies in our
> >configuration file.
> >We need to disable multiple login (we are testing sessions with MS-SQL
> > 2000)
> >
> >Can you please send us an example configuration file which reflects our
> > needs. Regards,
The usual way to do something like that is to have an intermediate AuthBy
FILE that specifies the additional check items, something like this (untested
and incomplete)
# This is the real authenticator. It is able to check groups
<AuthBy whatever>
Identifier real_authenticator
...
</AuthBy>
<Realm DEFAULT>
<AuthBy FILE>
Filename whatever
</AuthBy>
</Realm>
And in the file specified in the AuthBy FILE, you would have something like
this:
DEFAULT Auth-Type=real_authenticator, Group=FullTimeHTTP
DEFAULT Auth-Type=real_authenticator, Group=AfternoonHTTP, Time=Al1200-2000
.....
Cheers.
> >
> >Alan
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
