On Fri, Feb 18, 2005 at 01:29:50PM -0500, Dustin Doris wrote: > From: Dustin Doris <[EMAIL PROTECTED]> > To: freeradius-users@lists.freeradius.org > Subject: Re: Grouping accounts > Date: Fri, 18 Feb 2005 13:29:50 -0500 (EST) > > > > Hi, > > > > Currently our users log on to our system and are authenticated by the > > Radius server. Then, when they access a server, they log in with local > > user accounts. > > > > Sometimes these accounts are the same name as the Radius account they > > logged into originally, but not always. > > > > Is it possible, using FreeRadius, to group these accounts together and > > have all access controlled by the Radius server. > > > > For instance: > > > > joeuser logs into the system and is authenticated by Radius. > > > > He then logs onto the ftp server. Can this be authorized by Radius using > > a different id/password but as a subset of "joeuser" so he can still be > > tracked and billed using just the main Radius account? > > > > Thanks, > > Steven Wayne > > -- > > I would really try to move to the same username/password pair for all > users. It will uncomplicate your work a lot. Proftpd supports radius as > well as sql and ldap for authentication. So you could switch your FTP > server to use proftpd and then have it use radius to authenticate. Or if > you users are stored in a backend like ldap or sql, you could connect > directly to it instead of using radius. If you do that, you will need to > add some more things to your radius/backend, such as user homdir, shell, > uid, gid, but it would be worth it in the long run. > >
Had a thought. What about company accounts where various of people can log in and access the network, but only one user is supposed to log on to the FTP server. Is it possible to have FreeRadius use user/password/service as a unique identifier? If not then I guess they'll have to use a different Radius account with a seperate table to group them all together for billing purposes. Steven. -- .''`. : :' : `. `'` `- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
