I've been testing Radiator 2.13.1. My platform is Solaris 7. I am using
the following raddb/users file, with 2 entries:
DEFAULT Auth-Type = "UNIX", Group = email
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.128,
Framed-Routing = None,
Filter-Id = emailonly,
Framed-Compression = Van-Jacobsen-TCP-IP,
Framed-MTU = 1500
DEFAULT Auth-Type = "UNIX"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.128,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
And then in my radius.cfg, I have the following for authentication by
unix (the group filename is the default /etc/group):
....
<AuthBy UNIX>
Identifier UNIX
Filename /etc/shadow
</AuthBy>
....
My idea is that if a user is a member of the unix group "email", then
they are authenticated by the first DEFAULT paragraph, and get a filter
which restricts them to email only. If not, then they get the paragraph,
and have no filters set for them. This makes it very easy for us to
manage our users, simply by making them members (or not) or certain
groups. However, I now have a problem: If a user has the primary group
"email", radiator does not use it, and auths them with the second entry.
However, if I now put the username into the /etc/group file with group
"email", it works OK. This becomes a problem because I have more than
1000 users, and the entries in the /etc/group file are limited to a
certain length. Is this a failing in Radiator, or am I doing something
wrong?
--
See complete headers for more info
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
