Re: (RADIATOR) PreHandlerHook Doesn't work Properly

Mon, 24 Apr 2000 17:56:30 -0700 


Hello Khurram -

On Mon, 24 Apr 2000, Khurram Shahzad wrote:
> Yes , you are right PreHandlerHook is not required here for Group checking, but I 
>want to have
> different MaxSessions values for different groups. Due to some reasons I can't use 
>SNMP with my
> NAS (i.e Cisco 7507). Is there a way to have different MaxSessions values for 
>different users
> groups., without using any external program (finger,snmpget or snmpwalk etc.)
> 

Yes. You can use DefaultSimultaneousUse, plus Simultaneous-Use in the users
files, something like this:

> <Realm>
>         RewriteUsername s/^([^@]+).*/$1/
>         AuthByPolicy ContinueUntilAccept
>         <AuthBy FILE>
                   DefaultSimultaneousUse 1
>                 # The filename defaults to %D/users
>         </AuthBy>
>         <AuthBy FILE>
                   DefaultSimultaneousUse 1
>                 Filename %D/StaffUsers
>         </AuthBy>
>
> AcctLogFileFormat %l '%{User-Name}' %{Acct-Session-Time} %{Acct-Status-Type} \
> %{Acct-Session-Id} %{Acct-Terminate-Cause} %{NAS-Port-Type} %{NAS-IP-Address} 
>%{NAS-Port} \
> %{Framed-IP-Address} %{Framed-Protocol}
> AcctLogFileName %L/logfile.%Y%m%d
> </Realm>
>
> <AuthBy SYSTEM>
>         Identifier      System
>         UseGetspnam
> </AuthBy>
>
> Then in the file %D/StaffUsers you would have this:
>
> # file %D/StaffUsers
>
> DEFAULT         Auth-Type = System, Group = staff
>         Service-Type = Framed-User,
>         Framed-Protocol = PPP
>
> And in the file %D/users you would have this:
>
> # file %D/users
>
> DEFAULT         Simultaneous-Use = 2, Auth-Type = System, Group = special
>         Service-Type = Framed-User,
>         Framed-Protocol = PPP,
>         Vendor-Specific = cisco-avpair,
>         cisco-avpair = "ip:addr-pool=test"
>
> DEFAULT         Simultaneous-Use = 1, Auth-Type = System, Group = public
>         Service-Type = Framed-User,
>         Framed-Protocol = PPP
>
> DEFAULT         Simultaneous-Use = 1, Auth-Type = System, Group = demo
>         Service-Type = Framed-User,
>         Framed-Protocol = PPP
>

Note that DefaultSimultaneousUse is an AuthBy parameter.

Have a look at sections 6.14.13 and 13.1.12 in the Radiator 2.15 reference
manual.

hth

Hugh

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.



===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to