Unfortunately I lost the previous message of this thread, where Alan Dekok's respond is presented. Anyway, the content of it was he offered to use groups membership. He also gave a specific file: rlm_passwd which should be configured in order to achieve groups membership as an indication which IAS server would respond each authentication request. The thing is, though went over the help file of rlm_passwd a couple of times, I didn't see clear explanation how to configure it when working in IAS-Active Directory environment.
Appreciate you help on this one. Cheers, Ronen As I didn't get any response yet, I would like to make my self clearer: I'm looking for alternative ways to differ among authenticated users, other then realms. I thought that the way to do it is, as I described bellow. The thing is I'm not sure how to implement this idea with in Free RADIUS. Please help me in the configuration and implamantation of this concepts. Thank you, Ronen My scenario is as follow: I use more then one strong authentication system, which is OTP (One Time Password) based and has a RADIUS interface. I use the same users repository for the various authentication systems and wish to differ between the authentication systems, using Free RADIUS .Net. I wouldn't like to use realms, as I would like users to use ordinary username and not make them use a realm. I think that the way to do it, is to create sort of loop, which will run through the various RADIUS interfaces of the OTP systems and seek for a given username. If it fails on one system, continue to the next one, and if not found in any of them, send reject access response. Best, Ronen.
smime.p7s
Description: S/MIME cryptographic signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html