(RADIATOR) Auth by NT group & Radius rejects expired password s

Kent, Ashley akent at ue.com.au
Fri Jun 28 01:48:30 CDT 2002


Richard,


Here's an example of using AuthBy NT and checking against a group. There are
two files - "Radiator.cfg" and "CheckUnitedDomain.cfg". They shows how users
belonging to the domain "UNITED" are authenticated. Radiator checks the
domain controller INFPRD05. If the user has a valid username, password and
is a member of the group Rad-Int then they authenticated.


----------------------------------------------------------------------------
----------------------------------------------------------------------------
-
Radiator.cfg
----------------------------------------------------------------------------
----------------------------------------------------------------------------
-

# Globals
Foreground
LogDir		./Logs
LogFile		%L/radiatorlog.txt
DbDir 		.
Trace			3


# Clients
<Client 192.168.204.2>
	Identifier PIX
	Secret xxxxxxxxx
</Client>


# AuthBy Clauses
<AuthBy NT>
	Identifier CheckInfprd05NT
	Domain UNITED
	DomainController \\infprd05
</AuthBy>

<AuthBy FILE>
	Identifier CheckOutPIX-United-Infprd05
	Filename ./Configs/CheckUnitedDomain.cfg
</AuthBy>


# AuthLog Clauses
<AuthLog FILE>
	Identifier UnitedInternetAccess
	Filename %L/Internet/united-authfailure.txt
	LogSuccess 0
	LogFailure 1
	FailureFormat United Internet Logon Fail %H:%M:%S %v %d %Y  %U
</AuthLog>


# Handler for outbound requests through the PIX
<Handler Client-Identifier = PIX>
	AuthBy CheckOutPIX-United-Infprd05
	AuthLog UnitedInternetAccess
</Handler>







----------------------------------------------------------------------------
----------------------------------------------------------------------------
-
CheckUnitedDomain.cfg
----------------------------------------------------------------------------
----------------------------------------------------------------------------
-
DEFAULT Auth-Type=CheckInfprd05NT, Group = Rad-Int








Hope this helps,



Ash.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list