Thanks for your help Alan, your hints gave me the right thing to look at.
For the curious here is the corrected configuration:
bash-2.03# cat /usr/local/etc/raddb/users
DEFAULT Hint == "Enable", Auth-Type := System
Service-Type = Login-User,
Cisco-AVPair += "shell:priv-lvl=15"
monkey Auth-Type := System
Service-Type = Login-User,
bash-2.03# cat /usr/local/etc/raddb/hints
DEFAULT Suffix = ".en", Strip-User-Name = Yes
Hint = "Enable",
Cisco-AVPair += "shell:priv-lvl=15"
Thanks again!
Matt
-----Original Message-----
From: Alan DeKok [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 20, 2002 11:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Cisco AV-Pairs & Suffix
"Olney, Matthew" <[EMAIL PROTECTED]> wrote:
> bash-2.03# cat /usr/local/etc/raddb/users
>
> monkey Auth-Type := System
> Service-Type = Login-User,
>
> DEFAULT Hint == "Enable"
> Cisco-AVPair += "shell:priv-lvl=15"
With that configuration, "monkey" and "monkey.en" will both match
ONLY the first entry.
But if you had run the server in debugging mode like is suggest in
the FAQ, README, and twice a day on this list, you would have noticed
that.
The solution is to make your configuration more like the sample
'users' file. READ IT. Especially the 'Auth-Type := System' piece,
and the hints that come afterwards.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
