(RADIATOR) WISPr-Bandiwidth control using Active Directory authentification.

Mario Lopez mario at openlink.es
Sat Dec 20 10:54:41 CST 2003


I will expose mi problem.

I am using Active Directory authentification which works ok, my problem is
that I have several kinds of users that depending on what they pay they get
a bandwidth limit, I can do bandwidth control in a per-user basis using the
WISPr VSA's included in dictionary file (Bandwidth-Max-Up,
Bandwidth-Max-Down), the problem is that I need to send this attributes when
user belongs to a specific Windows Group.

For example, if I had user Mario wich belongs to Windows Group 
"Access 512-512", I would need to send the corresponding VSA attribute to
limit the bandwidth.

I know how to send the VSA's with "AddToReply", I can even send them with
AuthAttrDef reading the attributes from Active Directory.

What I would like to do is send the reply VSA IF the user belongs to Windows
Group = X.

Could I use the CheckGroup statement?

Is it possible to set CheckGroup Access512-512,WISPr-Bandwidth-Max-Down=512
and then send the WISPr-Bandwidth-Max-Down attribute?.

Another problem I am having is that Radiator does not know how to identify
concurrent conections from my NAS, because is treats them all as being from
the same user.



Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list