Hi Jason,
That users file looks fine. Radiator understands all those check items exactly
as given. Since you are using Auth-Type=System apparently to check a Unix
passwrod file, you will need to define in your Radiator config file an AuthBy
with Identifier of System for it to use:
<AuthBy UNIX>
Identifier System
# whatever
</AuthBy>
IN the line:
DEFAULT Auth-Type = Reject, Prefix = "P", Group = "shutoff"
You have specified a group, but no auth by to check it (FILE does not know how
to handle Groups directly). If (as I assume) you want to reject users starting
with P if they are in the unix group shutoff, you will need something like
this:
DEFAULT Prefix = "P",AuthType=System,Group = "shutoff",Auth-Type=Reject
There is a problem with Prefix and Suffix in 2.13.1 that can prevent a
rejection of there was no match. There is a fixed version of AuthGeneric.pm
avaialble at
http://www.open.com.au/radiator/downloads/patches-2.13.1/AuthGeneric.pm if you
need it.
Hope that helps.
Cheers.
On Jun 10, 6:13am, Jason Godsey wrote:
> Subject: (RADIATOR) compatability w/ livingston radius users file...
>
> Pjason Auth-Type = System, Prefix = "P", NAS-Port-Type = Async,
Called-Station-Id = "3830001"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Address = 206.129.156.2,
> Framed-IP-Netmask = 255.255.255.255,
> Framed-Routing = Broadcast-Listen,
> Framed-MTU = 1500,
> Session-Timeout = 28800,
> Idle-Timeout = 1200,
> Port-Limit = 1
>
> DEFAULT Auth-Type = Reject, Prefix = "P", Group = "shutoff"
> DEFAULT Auth-Type = Reject, Group = "shutoff"
>
> DEFAULT Auth-Type = Reject, Prefix = "P", Group = "poponly"
> DEFAULT Auth-Type = Reject, Group = "poponly"
>
> DEFAULT Auth-Type = System, Prefix = "P", NAS-Port-Type = ISDN, Group =
"dualisdn", Called-Station-Id = "4240001"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-MTU = 1500,
> Session-Timeout = 28800,
> Idle-Timeout = 1200,
> Port-Limit = 2
>
> Should this work out of box by using a simple AuthFILE in the .cfg?
> The auth system is FreeBSD, we have expiration field set in master.passwd.
> Will this work to expire radius logins also?
>
> Thanks :)
>
> - Jason
>
>
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Jason Godsey
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
