Hi Hugh, I am not quite clear on how this would help me. Fall-Through controls whether we will continue looking even after a REJECT. That's not what I want. I am looking to augment AuthBy FILE to match against the groups that we retrieved in AuthBy LDAP2. I want to return as soon as the first Group= is matched and reject if none are matched...
Thanks, -----Original Message----- From: Hugh Irvine [mailto:h...@open.com.au] Sent: Friday, April 05, 2013 3:30 AM To: Garry Shtern Cc: 'Heikki Vatiainen'; radiator@open.com.au Subject: Re: [RADIATOR] Ideas on group and reply attribs parsing Hi Garry - You probably want "Fall-Through" in your first set of DEFAULT entries. See the following section in "doc/ref.pdf": 13.2.7 Fall-Through This attribute is not actually returned to the NAS. Its presence causes Radiator to continue looking for a match with the next DEFAULT user name. Fall-Through = yes regards Hugh On 5 Apr 2013, at 08:04, Garry Shtern <garry.sht...@twosigma.com> wrote: > I actually did. It's similar to what I want to do, with the exception of the > fact that I want to store the group to reply mappings in local files, rather > than SQL server. > > I am thinking of using a hook to create a "userIsInGroup" function local to > AuthBy FILE. What do you think? > > -----Original Message----- > From: radiator-boun...@open.com.au > [mailto:radiator-boun...@open.com.au] On Behalf Of Heikki Vatiainen > Sent: Thursday, April 04, 2013 4:47 PM > To: radiator@open.com.au > Subject: Re: [RADIATOR] Ideas on group and reply attribs parsing > > On 04/04/2013 11:24 PM, Garry Shtern wrote: > >> Thanks for the pointer. What I want to accomplish (forgetting about >> the actual code), it define all of my users in a single file. And in >> the same file to be able to distinguish which reply attributes are >> returned based on the RADIUS client. > > It's getting a bit late here, so I'll now just ask if you have noticed > goodies/lookupauthgroup.pl? It uses SQL, but could still be useful as another > pointer. > > Thanks, > Heikki > > -- > Heikki Vatiainen <h...@open.com.au> > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, > PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full > source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator -- Hugh Irvine h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
