(RADIATOR) Realms
Hugh Irvine
hugh at open.com.au
Mon Sep 17 20:51:41 CDT 2001
Hello Jesus -
I am confused as to what you what to do.
How are the users stored in the database - with realms or without?
Ie: "someuser at cnnw" or just "someuser"?
And do you want all radius requests to come to Radiator first?
And is there anything else you want to do with realms? In other words, what
is supposed to happen with resellers?
Assuming Radiator is the first radius server, and assuming your users are
stored without realms, here is what I would do:
# define AuthBy clauses
<AuthBy RADMIN>
Identifier CheckRadmin
DBSource dbi:mysql:radmin:localhost
DBUsername xyzxyz
DBAuth verysecret
.......
</AuthBy>
<AuthBy RADIUS>
Identifier ProxyToMerit
Host 208.187.190.253
Secret verysecret
AuthPort 1645
IgnoreAccountingResponse
</AuthBy>
# define Realms
<Realm DEFAULT>
RewriteUsername s/^([^@]+).*/$1/
AuthBy CheckRadmin
</Realm>
<Realm cnnw>
AuthBy ProxyToMerit
</Realm>
hth
Hugh
On Tuesday 18 September 2001 10:08, Jesus Duarte wrote:
> Hello,
>
> I am trying to authenticate users under three criteria. The
> default works but there are other realms that we use when our
> reseller customers and even our own customers authenticate through
> third party modem aggregations.
>
> All but one realm , "cnnw", are in one MySQL database and "cnnw"
> is on another BSDi server using the UNIX password file and an older
> version of MERIT AAA Radius. I have set up the server with MySQL as a
> client in the MERIT AAA server. Does what I have here seem like it will do
> the trick or am I going in the wrong direction?
>
>
> <Realm DEFAULT>
> <AuthBy RADMIN>
> DBSource dbi:mysql:radmin:localhost
> DBUsername xyzxyz
> DBAuth verysecret
> ........
>
> </AuthBy>
> </Realm>
>
> <Realm ipns.com>
> <AuthBy RADMIN>
> DBSource dbi:mysql:radmin:localhost
> DBUsername xyzxyz
> DBAuth verysecret
> .......
> </AuthBy>
> </Realm>
>
> <Realm rmwt.com>
> <AuthBy RADMIN>
> DBSource dbi:mysql:radmin:localhost
> DBUsername xyzxyz
> DBAuth verysecret
> .......
> </AuthBy>
> </Realm>
>
> <Realm cnnw>
> <AuthBy RADIUS>
> Host 208.187.190.253
> Secret verysecret
> AuthPort 1645
> IgnoreAccountingResponse
> </AuthBy>
> </Realm>
>
> Der Hausmeister
> ~~~~~~JESUS
> ~~~~~~
> Jesus Duarte
> UNIX System Administrator (geek)
> IPNS/CNNW
>
> jesus at cnnw.net jduarte at cnnw.net postmaster at cnnw.net
> abuse at cnnw.net support at cnnw.net dns at cnnw.net
> abuse at ipns.com jesus at ipns.com
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list