2014-02-05 - Re: [GRASE-Hotspot] preventing logon for semi-permanent users

Header Data

From: Timothy White <ti***8@gmail.com>
Message Hash: 8235256e7c3cf454617b5a7718557db90c1240845ec943225326a63fab21d145
Message ID: <CAESLx0KSqrqek3zYjpSq_A0ASc_9fqf1nRi+=CY-AL6-np0FzQ@mail.gmail.com>
Reply To: <CF4E32C8-2034-4212-BD9E-36FF2BD8C10A@argyle.com.au>
UTC Datetime: 2014-02-05 13:53:33 UTC
Raw Date: Thu, 06 Feb 2014 06:53:33 +1000

Raw message 

Yes and No.

Yes, it's possible. Through the current UI, it's not. You can create a
special group called Machines (IIRC, will have to check in the source) that
will be applied to all computer accounts. Working from there, you can
create more groups for the computer accounts, then edit the DB to assign
them to those other groups.

Lastly, if you want, you can create a user directly as a computer account
by using the MAC address, and the special macpassword setting, again you'll
want to check in the code for the format of the MAC address (or check the
DB). There really isn't anything special about computer accounts except the
login is a MAC address, and the password is a special password. Just the UI
hides that from the user.

Patches welcome to unhide the complexity of computer accounts so they can
be more flexible.

Tim


On Thu, Jan 30, 2014 at 8:53 AM, David Wilson <da***e@argyle.com.au> wrote:

> Hi,
>
> I was wondering if it is possible (or could be possible) to allocate users
> accounts in a similar way to computer accounts but where we can take full
> advantage of the normal account features.
> Or maybe put another way - Allow computer accounts to have the same limits
> assigned as we do with user accounts.
>
> Here is the use case:
>
>         Customer has normal casual guests
>                 - They get issued usernames and passwords in the normal way
>                 - They get a time limit and a data limit.
>                 - This all works perfectly.
>
>         Customer also has staff that live onsite.
>                 - They can get internet too if they like at Staff rates.
>                 - They get a data limit and their time limit is big (like
> 6-12 months)
>                 - They need to pay for their data usage just like the
> casual guests but at a staff rate.
>                 - We use different user groups for staff and guests.
>
>
> The main issue is that the staff are getting annoyed at having to
> continually log in all the time.
> Whenever they roam off-site and back again they need to re-login.
> Some of them have devices that are unable to log in (like TiVo's etc).
>
>
> The computer Account works fine for allowing designated computer access,
> but we do not get the same level of detail with the limits.
>
> Can we create a computer account for each device that has:
>         - Bandwidth Limits
>         - Recurring Data Limits
>         - Expiry
>
> Essentially, if it were possible to select an existing group that each
> computer account can belong to, that would meet the need.
>
> Thoughts?
>
> Dave Wilson
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Grase-hotspot mailing list
> Gr***t@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/grase-hotspot
>

Thread