Guys, I'm using Freeradius-0.9.3 with the rlm_ldap module (OpenLDAP backend) and have most everything configured except this last little bit. I would like to allow only certain users to have the ability to log in to only certain switches. i.e. Cisco group will manage cisco devices and juniper group can only manage juniper devices.
I thought I could do this by placing: "Group = operator" in the huntgroups file under each individual huntgroup and then adding a "radiusReplyItem: Group := operator" in my ldap schema. However, this has managed to seg fault the radiusd process. Is this the correct way to go about adding tiered access to my routers/switches? If not, I would appreciate any help out there. Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
