Hi
This was an example of my problem:
We have a client johndoe who has a username and a password to have
access to internet with a PPP connexion. When he calls into our server
he is authenticated by the Radius daemon which uses the passwd file. At
the end of the month if I look in the radius log file I can determine
how many hours the user johndoe has done.
When he wants to access the popper daemon he has to give his username
and password which are in the passwd file. Everything is fine.
Now Johndoe's son wants to have his own e-mail adress ex:
jimdoe_at_internet.com to communicate with his friends. To access internet
he should continue to use his father's account then to get his messages
he would use his own username and password.
The problem is that I have no way of denying jimdoe's access. If he
calls and authenticate himself as jimdoe with his own password he will
have access to internet since his username/password appears in the
passwd file which is used for internet access autentification and e-mail
authentification !!
The solution came from "Antonio S. Martins Jr." <shadow_at_wnet.com.br>
>Just set the second e-mail in the /etc/raddb/users file. In there
>set this user with: "Service-Type = none" and the radiusd wont let he/she
>to login :)
Of course this is a simple solution for me because I use a Livingston
PortMaster with Radius Accounting
Thanks to all
Patrick
mailto:gestion_at_royaume.com
Received on Thu Jul 03 1997 - 16:24:14 NZST