Loading...
6-51
Configuration Options
6.8.9.1. Dictionary Support for RADIUS
The RADIUS dictionary file can allow you to define users and assign command access
rights and circuit access rights from a central location. The RADIUS dictionary file,
"dictionary.wti" is included on the CDROM along with this user's guide. To install the
dictionary file on your RADIUS server, please refer to the documentation provided with
your server; some servers will require the dictionary file to reside in a specific directory
location, others will require the dictionary file to be appended to an existing RADIUS
dictionary file. The WTI RADIUS dictionary file provides the following commands: .
• WTI-Super - Sets the command access level for the user. This command provides
the following arguments:
0=ViewOnly
1=User
2=SuperUser
3=Administrator
For example, to set the access level to "SuperUser", the command line would be:
WTI-Super="2"
• WTI-Plug-Access - Determines which circuit(s) the user will be allowed to
access. This command provides an argument that consists of a character string,
with one character for each the RPC's switched circuits. The following options are
available:
0=Off(DenyAccess)
1=On(AllowAccess)
For example, to allow access to Circuits 2 and 4, the command line would be:
WTI-Plug-Access="0101"
• WTI-Group-Access - Determines which circuit group(s) the user will be allowed
to access. The argument for this command includes a character for each, defined
circuit group. The first character in the string is used to represent the first circuit
group defined, and the last character in the string represents the last circuit group
defined. The following options are available for each circuit group:
0=Off(DenyAccess)
1=On(AllowAccess)
For example, to allow access to the first three defined circuit groups out of a total of
six defined circuit groups, the command line would be:
WTI-Group-Access="111000"
Example:
The following command could be used to set the command access level to "User", allow
access to Circuits 1 and 2, and also allow access to the first two of five defined circuit
groups:
tom Auth-Type:=Local, User-Password=="tom1"
Login-Service=Telnet,
Login-TCP-Port=Telnet,
User-Name="HARRY-tom",
WTI-Super="1",
WTI-Circuit-Access="11000000",
WTI-Group-Access="11000",
Loading...
Terms of Use | Privacy Policy | DMCA Policy
2006-2020 Rsmanuals.com