====== Principles of RADIUSdesk Realms ======
===== Introduction =====
Realms are a way to group users in RADIUS. Since RADIUSdesk are simply a front-end to FreeRADIUS, realms are also supported in RADIUSdesk.


===== Realms and usernames =====
  * Usually in RADIUS deployments one can discover the realm a user belongs to by looking at the username. 
  * Suppose we have alice@my_realm.com. We can assume that **alice** belongs to the **my_realm.com** realm.
  * RADIUSdesk allows you to follow this convention **but also** offers the flexibility to allow you to specify a user's **email address**    as their username.
  * This will allow you to register Alice with her gmail email address as a username.
  * We can now have user **alice.bodine@gmail.com** that is part of the my_realm.com realm.
  * In RADIUSdesk **ALL** Vouchers and Permanent Users belongs to **one** realm.
  * BYOD Devices automatically will belong to the realm of the Permanent User who owns the device.

<WRAP center round info 60%>
=== Some useless information ===
== Who is Alice Bodine? ==
  * She's someone who Norman Greenbaum wrote a song about
  * http://www.youtube.com/watch?feature=player_detailpage&v=3jzu4ggMDuQ
</WRAP>

===== Access Providers and Realms =====
  * Access Providers will have granular rights to one or more realms.
  * An Access Provider can for instance be allowed to delete Vouchers from one realm, but be prevented to delete Vouchers from another realm.