Hello Firas -
On Tue, 10 Oct 2000, Firas Emsaytif wrote:
> Hello,
>
> Following is my config. and the DEBUG output, the user I am authenticating is in
> "/etc/shadow" and not in the "users.shadow", I authenticated the first time using
>
> #perl radiuspwtst -nostop -user firas -password <password>
>
> and the second time
>
> #perl radiuspwtst -nostop -nas_ip_address 203.63.154.2 -user firas -password
> <password>
>
> and in both times access was accepted. The same happens when I authenticate a user in
> "/etc/shadow" and "users.shadow".
>
Thanks for reporting this, there does appear to be a problem with
DefaultSimultaneousUse and DEFAULT entries in users files.
There are a couple of things you will need to do.
First in your configuration file:
# configure AuthBy FILE with Identifier for later use
# note NoDefaultIfFound (to stop DEFAULT check)
<AuthBy FILE>
Identifier check_shadow_sim_use
DefaultSimultaneousUse 1
Filename /etc/users.shadow
NoDefaultIfFound
</AuthBy>
Secondly in your users.shadow file:
# file %D/users.shadow
# only users with sim-use != 1 are defined here
# note Simultaneous-Use = 1 for DEFAULT
DEFAULT Simultaneous-Use = 1, Auth-Type = check_shadow
someuser Simultaneous-Use = 2, Auth-Type = check_shadow
anotheruser Simultaneous-Use = 3, Auth-Type = check_shadow
......
We will fix the problem for the next release.
thanks and regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.