[RADIATOR] IPv6 TACACS+
Alexander Hartmaier
alexander.hartmaier at t-systems.at
Tue May 25 12:19:56 CDT 2010
Hi Hugh,
can you please explain 'put the users in the respective groups according
to the device they log in from'?
Afaik a user is in a specific AuhorizeGroup, independent of the device
he's logging into.
--
Best regards, Alex
Am Montag, den 24.05.2010, 12:08 +0200 schrieb Hugh Irvine:
> Hello Alex -
>
> You would typically define different groups in the ServerTACACSPLUS AuthorizeGroup lines:
>
>
> .....
>
> AuthorizeGroup ThisGroup ....
> AuthorizeGroup ThisGroup .....
>
> .....
>
> AuthorizeGroup ThatGroup .....
> AuthorizeGroup ThatGroup .....
>
> .....
>
> AuthorizeGroup SomeOtherGroup .....
> AuthorizeGroup SomeOtherGroup .....
>
> .....
>
>
> and then put the users in the respective groups according to the device they log in from.
>
> regards
>
> Hugh
>
>
>
> On 21 May 2010, at 03:41, Alexander Hartmaier wrote:
>
> > Hi,
> >
> > we're looking for a way to not only limit what a user of a group is
> > allowed to to (=authorization) but also on which devices.
> >
> > Is there a recommended way of grouping tacacs+ clients so the groupname
> > can be used as e.g. check attribute for the tacacsgroup?
> >
> > --
> > Best regards, Alex
> >
> >
> > Am Mittwoch, den 12.05.2010, 11:02 +0200 schrieb Hugh Irvine:
> >> Hello Subash -
> >>
> >> See "goodies/tacplus.txt" (I have included it in this email for your convenience).
> >>
> >> regards
> >>
> >> Hugh
> >>
> >>
> >
> >
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
> > Handelsgericht Wien, FN 79340b
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > Notice: This e-mail contains information that is confidential and may be privileged.
> > If you are not the intended recipient, please notify the sender and then
> > delete this e-mail immediately.
> > *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> > _______________________________________________
> > radiator mailing list
> > radiator at open.com.au
> > http://www.open.com.au/mailman/listinfo/radiator
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
More information about the radiator
mailing list