>> Ok, I think I am getting closer. I have defined a new passwd module >>like
>> so:
>>
>> passwd nas_group {
>> filename = ${raddbdir}/nas_group
>> format = "*NAS-IP-Address:,User-Name"
>> }
> Thet creates a username by NAS IP address, I think... you don't want
>to do that.
>
> See the "man" page for rlm_passwd. It says to create a group
>attribute for a reason.
>
> Alan DeKok.
OK, yes, I realize that was creating a user name. So if I change that format
line to have a Group attribute instead of User-Name, then I have a Group being
created by NAS-IP-Address. I still don't get how I can test to make sure that
the user is part of this group. I have tried adding the group name to the
usergroup table, but whether or not this value is correct (corresponds to the
value in the nas_group file) or is even present doesn't make a difference. The
user is always getting authenticated. Where does the logic need to lie to
check that the user is a part of the named group?
Simon
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
