Author: XtRadius Mailing List Date: To: xtradius Subject: Re: [xtradius] setting allowed user services to access
On Wednesday 01 December 2004 13:48, Edison Cala wrote: > i just want to ask some info regarding setting allowed services where selected users can only use/access like mail only service.
Interesting requirement. Your authentication script can echo
back any RADIUS attribute to the upstream RADIUS server. If
that system has facilities to allow fiddling with IPs and
netmasks then you could perhaps force certain users to only
get one type of service.
If the RADIUS server happens to also be the dialin point then
you can call any linux command from your auth script to enforce
some policy on your users.
> what file do i need to edit in order to make this work? i am thinking that it is maybe the users file, but don't have enough info on the docs to make this work.
Maybe someone else has a more educated answer but I don't think
there is such a thing... you would send back RADIUS attribute
pairs to tell the upstream login device what it should allow
the user to do... assuming it's capable of such things.