Hello list,
I'm running freeradius-0.9.3 with openldap auth, and it's working nicely.
However, when I try to limit groups to certain times, I find that users are still able to log in when they should be blocked.
My ldap records have a rategroupid field, which is mapped to Ldap-Group.
My users file looks like this:
DEFAULT Ldap-Group == "sundayonly", Login-Time = "2000-0500", Auth-Type := LDAP
Fall-Through = Yes
DEFAULT Auth-Type := "LDAP", Max-Sessions = 1 Framed-Protocol = PPP, Service-Type = Framed-User
An example login looks like this in debug:
rad_recv: Access-Request packet from host 127.0.0.1:53215, id=48, length=60 User-Name = "testuser" User-Password = "####" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 ... rlm_ldap::ldap_groupcmp: User found in group sundayonly ... rlm_ldap: - authorize rlm_ldap: performing user authorization for testuser ... rlm_ldap: Adding rategroupid as Ldap-Group, value sundayonly & op=21 ... rlm_ldap: user netbwana authorized to use remote access ... rlm_ldap: user netbwana authenticated succesfully
I have the same Ldap-Group field working for other groups, setting ascend-data-filter reply items, is there something wrong with my Login-Time config?
Thanks,
Gavin
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html