[RADIATOR] IPv6 TACACS+

Alexander Hartmaier alexander.hartmaier at t-systems.at
Tue May 25 12:19:56 CDT 2010 

Hi Hugh,

can you please explain 'put the users in the respective groups according
to the device they log in from'?

Afaik a user is in a specific AuhorizeGroup, independent of the device
he's logging into.

-- 
Best regards, Alex


Am Montag, den 24.05.2010, 12:08 +0200 schrieb Hugh Irvine:
> Hello Alex -
> 
> You would typically define different groups in the ServerTACACSPLUS AuthorizeGroup lines:
> 
> 
> 	.....
> 
> 	AuthorizeGroup ThisGroup ....
> 	AuthorizeGroup ThisGroup .....
> 
> 	.....
> 
> 	AuthorizeGroup ThatGroup .....
> 	AuthorizeGroup ThatGroup .....
> 
> 	.....
> 
> 	AuthorizeGroup SomeOtherGroup .....
> 	AuthorizeGroup SomeOtherGroup .....
> 
> 	.....
> 
> 
> and then put the users in the respective groups according to the device they log in from.
> 
> regards
> 
> Hugh
> 	
> 
> 
> On 21 May 2010, at 03:41, Alexander Hartmaier wrote:
> 
> > Hi,
> > 
> > we're looking for a way to not only limit what a user of a group is
> > allowed to to (=authorization) but also on which devices.
> > 
> > Is there a recommended way of grouping tacacs+ clients so the groupname
> > can be used as e.g. check attribute for the tacacsgroup?
> > 
> > --
> > Best regards, Alex
> > 
> > 
> > Am Mittwoch, den 12.05.2010, 11:02 +0200 schrieb Hugh Irvine:
> >> Hello Subash -
> >> 
> >> See "goodies/tacplus.txt" (I have included it in this email for your convenience).
> >> 
> >> regards
> >> 
> >> Hugh
> >> 
> >> 
> > 
> > 
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > T-Systems Austria GesmbH   Rennweg 97-99, 1030 Wien
> > Handelsgericht Wien, FN 79340b
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > Notice: This e-mail contains information that is confidential and may be privileged.
> > If you are not the intended recipient, please notify the sender and then
> > delete this e-mail immediately.
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > _______________________________________________
> > radiator mailing list
> > radiator at open.com.au
> > http://www.open.com.au/mailman/listinfo/radiator
> 
> 
> 
> NB: 
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets), 
> together with a trace 4 debug showing what is happening?
>

More information about the radiator mailing list