Can I work around this just by doing the following in my users file?
.
.
.
# Allow non-admin access to Wireless Controller
DEFAULT Auth-Type = System, Client-Identifier = WirelessController, Group =
WirelessUsers
# Return NON enabled privileges attributes
# Allow admin access to Wireless Controller
DEFAULT Auth-Type = System, Client-Identifier = WirelessController, Group =
WirelessAdmins
# Return enabled privileges attributes
AddToReply Session-Timeout=0,Callback-Number=admin
.
.
.
# Last entry reject
DEFAULT Auth-Type = “Reject:Not Found”
--
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
E-Mail: [email protected]
> On Oct 30, 2015, at 6:37 AM, Tuure Vartiainen <[email protected]> wrote:
>
> Hi,
>
>> On 29 Oct 2015, at 20:18, Johnson, Neil M <[email protected]> wrote:
>>
>> Will the following work?
>>
>
> yes, it will work with an exception of group handling, you should make sure
> that groups used in users file can also be found in /etc/group. When
> using /etc/shadow which does not include GIDs for users, the current code
> allows also authenticated users when comparing against non-existing group.
>
> We’ll fix the later in a following release.
>
>
> BR
> --
> Tuure Vartiainen <[email protected]>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
>
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
