Also you could do that by including "Service-Type = Administrative-User" in your Access-Accept.
So in the users file, you can configure a user like this :
super-cisco Auth-Type := Local, User-Password == "whatever"
cisco-avpair = "shell:priv-lvl=15",
Service-Type = Administrative-UserRegards, Jean-Paul.
Jeffrey C. Ollie wrote:
On Wed, 2004-03-03 at 10:39, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
Hi, I am running freeradius-0.9.3 on RedHat 9.0. I have found your documentation and faq page very helpful, however I cannot find an answer to one question. Can Radius pass a privilege level back to a Cisco switch so that users are automatically enabled into EXEC mode?
If there is a RADIUS attribute in a Cisco dictionary to do this, then yes.
Read the Cisco dictionaries. If that doesn't help, read the URL's in the dictionaries.
Supposedly, you should be able to all the following:
Cisco-AVPair = "shell:priv-lvl=15"
to your Access-Accept message and accomplish what you want.
Jeff
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature
