(RADIATOR) authby LSA nested groups

Kliger, Sean C skliger at fhcrc.org
Thu Nov 1 10:45:29 CST 2007


We're setting up a remote access server and using <AuthBy LSA> and
that's working.  What we'd like to do though, is use nested groups (aka
groups within a group) and it's my understanding that Radiator is
currently unable to do this so we've currently defined groups in
Radiator.  What we'd like is to have a globabl AD group such as 'webvpn'
and then let various admins dump their users or OUs into the global
group.  So, two questions:

1. Is my understanding of Radiator and nested groups correct?
2. If so, are there plans to support nested groups?

The appropriate section of radius.cfg is:

<Handler Client-Identifier=webvpn-servers>

	<AuthBy LSA>
		Domain xxx
		Group ADM
		Group CRD
		#[more groups here but removed for size]

	# Log it
	AuthLog			webvpn-authlog
	AcctLogFileName		%L/Acct/%Y-%m-%d-acct


Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list