Re: PAM authenticacion and groups

2007-09-21 Thread Diego Woitasen
2007/9/19, [EMAIL PROTECTED] [EMAIL PROTECTED]: Groups are a part of authorization so there is no conflict with any authentication method. You can use ldap (Ldap-Group), sql(Sql-Group), unix (Group) ... Ivan Kalik Kalik Informatika ISP Dana 19/9/2007, Diego Woitasen [EMAIL PROTECTED]

Re: PAM authenticacion and groups

2007-09-21 Thread Alan DeKok
Diego Woitasen wrote: And finally, this doesn't work neither: DEFAULT Auth-type = PAM, Ldap-Group == xnetadmin Service-Type = Login-User, Cisco-AVPair = shell:priv-lvl=15, Fall-Through = 0 I don't see why that wouldn't work. Again, what does the debug log say?

Re: PAM authenticacion and groups

2007-09-21 Thread tnt
With the following entry, radiusd try LDAP for authenticacion and authorization: DEFAULT Ldap-Group == xnetadmin Service-Type = Login-User, Cisco-AVPair = shell:priv-lvl=15, Fall-Through = 0 With this, PAM authenticacion is working fine, but I haven't got LDAP

PAM authenticacion and groups

2007-09-19 Thread Diego Woitasen
Hi, I have freeradius configured to authenticate users with PAM working fine. Now I want to add group membership checking. I have the followind users entry: DEFAULT Auth-type = PAM, Group-name == netadmin Service-Type = Login-User, Cisco-AVPair = shell:priv-lvl=15,

Re: PAM authenticacion and groups

2007-09-19 Thread Diego Woitasen
2007/9/19, Alan DeKok [EMAIL PROTECTED]: Diego Woitasen wrote: ... That doesn't work. And what do you mean by that? See the FAQ. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html That entry/configuration I read the FAQ and I can't

Re: PAM authenticacion and groups

2007-09-19 Thread Alan DeKok
Diego Woitasen wrote: That entry/configuration I read the FAQ and I can't see nothing interesting. The question is, radius uses nsswitch to check group membership using PAM authenticacion? Q: Hi I tried to do stuff, but it didn't work. Why? A: WTF? It's difficult to help you if you

Re: PAM authenticacion and groups

2007-09-19 Thread Diego Woitasen
2007/9/19, Alan DeKok [EMAIL PROTECTED]: Diego Woitasen wrote: That entry/configuration I read the FAQ and I can't see nothing interesting. The question is, radius uses nsswitch to check group membership using PAM authenticacion? Q: Hi I tried to do stuff, but it didn't work. Why?

Re: PAM authenticacion and groups

2007-09-19 Thread tnt
Groups are a part of authorization so there is no conflict with any authentication method. You can use ldap (Ldap-Group), sql(Sql-Group), unix (Group) ... Ivan Kalik Kalik Informatika ISP Dana 19/9/2007, Diego Woitasen [EMAIL PROTECTED] piše: 2007/9/19, Alan DeKok [EMAIL PROTECTED]: Diego