There are two tables called RADGROUPAUTH and RADUSERS.How are they related with each other.i add a user from Radmin Page but cannot define it is group inorder to do TACACS+ authorization.I can do it AuthBy File clause.But I want to use mysql database inorder to use TACACS authorizarion.
I added a new user from RADMIN but it always use the group2 defined in
<ServerTACACSPLUS> clause.Although the user do not belong any group.
My <ServerTACACSPLUS> includes two groups but always reply come from group2.I
am very confused.please help.
<ServerTACACSPLUS>
AddToRequest OSC-Group-Identifier = group1
AddToRequest OSC-Group-Identifier = group2
AuthorizeGroup group1 permit service=shell cmd=\*
{cisco-avpair="priv-lvl=15"}
GroupMemberAttr OSC-Group-Identifier
AuthorizeGroup group1 permit service=shell cmd=show cmd-args=.*
AuthorizeGroup group1 permit .*
AuthorizeGroup group2 deny .*
</ServerTACACSPLUS>
My sample radius.cfg I at the attachment.
MURAT BÄ°LAL
Services Engineer
Ericsson Turkey
CU Customer Support
Cyber Plaza C Blok Kat:1 No:146
Cyberpark 6800 Bilkent/Ankara
Mobile +90 554 898 98 43
murat.bi...@ericsson.com<mailto:murat.bi...@ericsson.com>
www.ericsson.com
[cid:image001.png@01CDBF66.C3C17F60]<http://www.ericsson.com/>
This Communication is Confidential. We only send and receive email on the basis
of the terms set out at
www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
<<inline: image001.png>>
radius.cfg
Description: radius.cfg
_______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
