(RADIATOR) authby LSA nested groups
Kliger, Sean C
skliger at fhcrc.org
Thu Nov 1 10:45:29 CST 2007
Gentlemen--
We're setting up a remote access server and using <AuthBy LSA> and
that's working. What we'd like to do though, is use nested groups (aka
groups within a group) and it's my understanding that Radiator is
currently unable to do this so we've currently defined groups in
Radiator. What we'd like is to have a globabl AD group such as 'webvpn'
and then let various admins dump their users or OUs into the global
group. So, two questions:
1. Is my understanding of Radiator and nested groups correct?
2. If so, are there plans to support nested groups?
The appropriate section of radius.cfg is:
<Handler Client-Identifier=webvpn-servers>
<AuthBy LSA>
Domain xxx
Group ADM
Group CRD
#[more groups here but removed for size]
</AuthBy>
# Log it
AuthLog webvpn-authlog
AcctLogFileName %L/Acct/%Y-%m-%d-acct
</Handler>
--Sean
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list