(RADIATOR) assigning Tunnel-provate-group-id values based upon Active directory groups
Hugh Irvine
hugh at open.com.au
Fri May 19 20:32:53 CDT 2006
Hello Alex -
You should probably use a separate AuthBy LDAP2 clause to check the
additional group membership.
Something like this:
# define Realm or Handler
<Handler ...>
AuthByPolicy ContinueWhileAccept
<AuthBy LSA>
.....
</AuthBy>
<AuthBy LDAP2>
.....
</AuthBy>
.....
</Handler>
hope that helps
regards
Hugh
On 20 May 2006, at 01:15, Alex Sharaz wrote:
> Chaps,
> I've got a windoze based radius server using AuthByLSA to provide
> authentication for our (trapeze) wireless network.
>
> It has been suggested that we configure radius so that we assign a
> specific Tunnel-Private-Group-Id vale based upon the Windows global
> group a user is a member of.
>
> Is it possible to return a TPGI value based upon a specific group? How
> would I configure this?
>
> TIA
> Alex
> **********************************************************************
> *******************
> To view the terms under which this email is distributed, please go
> to http://www.hull.ac.uk/legal/email_disclaimer.html
> **********************************************************************
> *******************
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list