(RADIATOR) Minimum Handler + AuthBy to reject?

Hugh Irvine hugh at open.com.au
Mon May 21 05:59:57 CDT 2001 

Hello Neale -

The answer probably depends on what else you are wanting to do in your 
configuration file and/or your LDAP database.

I would suggest however, that a couple of DEFAULT entries in an AuthBy FILE 
might work for you. Something like this:

# users file

DEFAULT Client-Identifier=foo, NAS-Port-Type=Sync, Auth-Type=Reject....

DEFAULT Auth-Type=CheckLDAP


and in the configuration file:

# define AuthBy clauses

<AuthBy LDAP2>
	Identifier CheckLDAP
	......
</AuthBy>

<AuthBy FILE>
	Identifier CheckFILE
	.....
</AuthBy>

# define Handler(s)

<Handler>
	AuthBy CheckFILE
</Handler>


hth

Hugh



On Monday 21 May 2001 19:45, Neale Banks wrote:
> I suspect there is a simple answer to this... ;-)
>
> Currently I have:
>
> <Handler Client-Identifer=foo>
> 	[Blah]
> 	<AuthBy LDAP2>
> 		[other blah]
> 	</AuthBy>
> </Handler>
>
> and it works just fine :-)  However, there's a need to refuse ISDN
> Authentication attempts, So I figure a solution like this:
>
> <Handler
> Client-Identifer=foo,Nas-Port-Type=Sync,Request-Type=Access-Request>
> <AuthBy ????>
> 		[????]
> 	</AuthBy>
> </Handler>
> <Handler Client-Identifer=foo>
> 	[Blah]
> 	<AuthBy LDAP2>
> 		[other blah]
> 	</AuthBy>
> </Handler>
>
> I suppose I could use
>
> <Handler
> Client-Identifer=foo,Nas-Port-Type=Sync,Request-Type=Access-Request>
> <AuthBy FILE>
> 		FileName /foo/bar
> 	</AuthBy>
> </Handler>
>
> and either use an empty file (assuming it's permissible) or a single
> DEFAULT entry like say:
>
> DEFAULT	Auth-Type = "Reject: ISDN calls not allowed"
>
> But is there anything simpler/more-elegant?
>
> Thanks,
> Neale.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list