2 things i have found. could be helpfull for others... first, in 'users' file, all entrys are with @domain.com when trying the 'group' things/examples, i was given a clue that it was unix 'groups' as applied to the users account is what controlled the 'groups' examples... so, if we have a user unix account of 'batman' and in the radius users file we have '[EMAIL PROTECTED]' then the groups will not work, even if we use the 'strip' command in the realms file for the 'local' domain...all of our users have an @domain in the users file, however, their unix account just has username...so, the short answer is to add a user in unix exactically like whats in the radius users file...then set the group permissions..works, but is kinda un-practical, or get a fix that would use the radius users file as expected, '[EMAIL PROTECTED]' and let groups be just 'batman'... secondly, when doing proxy authentication, a username comes in like: User-Name = " [EMAIL PROTECTED]" (note leading spaces) and gets passed to another radius server, where its authenticated as "[EMAIL PROTECTED]" and is in detail record for the user as " [EMAIL PROTECTED]".. while that may be a big in the 'other' radius server, thats not the issue here... it is about the detail records that are created for the proxy authentication... having leading 'whitespace' it makes it hard to import detail records into our billing program, since it takes the 'User-Name' litterally, and trys to match " [EMAIL PROTECTED]" to "[EMAIL PROTECTED]" which is whats in the access database... any chance we could get the server to 'ignore leading spaces' in the User-Name attrib/log and just output the string? Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
