Home
»
Interoperability
»
Check Attribute based on AD group membership
Interoperability with RADIUS clients & servers
05.03.2010 01:18:14
channing
Posts: 1
|
Is it possible to return different Success-Reply values based on AD Group Membership?
I am trying to use TekRADIUS with my Cisco gear for login priv level.
The way we have done it with Windows IAS is to have two AD Groups, "Switch Level 1" and "Switch Level 15". We have defined two policies in IAS, one for each group. If the users is a member of the "Switch Level 1" group, then that policy returns "shell:priv-lvl=1" and if they are a member of "Switch Level 15", that policy returns "shell:priv-lvl=15"
I'm assuming that I need to define two groups in TekRADIUS and set the Success-Reply values as above. But how or what do I set the "Check" attribute value(s) to so that it will check Active Directory group membership for the user?
Is that even possible?
Thanks,
Channing
|
|
0
• permalink
|
05.03.2010 08:55:17
Admin
Administrator
Posts: 1684
|
Dear Channing,
There are similar requets like yours. I'm currently working on such an implementation. I hope it'll be available on the next release (3.5).
Best regards,
Yasin KAPLAN
|
|
0
• permalink
|