Local groups in FreeRadius ?

Ami Schieber ami.schieber at gmail.com
Mon Aug 28 15:07:47 CEST 2006 

Phil,

Thanks for your help.
Can you also explain what format should the users file use ?

Currently, I've tried :

Ami          User-Password == "ami123"
                Service-Type = Framed-User,
                Framed-Protocol = PPP,
                Fall-Through = Yes

FIGrp        Auth-Type := Local, MyGroup-Name := FIGrp
                Reply-Message = "Hello from Group FIGrp, %u"

DEFAULT Pool-Name := main_pool, Auth-Type := Local
                Fall-Through = Yes


and my dictionary file has :

ATTRIBUTE       MyGroup-Name            3003    string

while my /etc/FIGroup file has the following :

FIGrp:Ami

and my radiusd.conf has :

 passwd MyGroup {
                filename = /usr/local/etc/raddb/FIGroup
                format = "~MyGroup-Name:*User-Name"
                hashsize = 50
                ignoreislike = yes
                allowmultiplekeys = yes
                delimiter = ":"
        }

I'm still unable to see a match to the Group entry when I run radiusd -X but
only to the user and to DEFAULT entries :

users: Matched entry Ami at line 1
users: Matched entry DEFAULT at line 20


Thanks again,

Ami



On 8/28/06, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>
> Ami Schieber wrote:
> >  passwd MyGroup {
> >                 filename = /etc/MyGroup
> >                 format = "~Group-Name:::*,User-Name"
> >                 hashsize = 50
> >                 ignoreislike = yes
> >                 allowmultiplekeys = yes
> >
> > My /etc/MyGroup file :
> >
> > FIGrp:::*,Ami
> > FIGrp:::*,John
>
> No. The "," prefixing the key in the format means that more than one
> value exists in that field, separated by commas, like the /etc/group
> file. The man page is quite specific. Your file would need to read:
>
> FIGrp:::Ami,John
>
> The "man rlm_passwd" docs are pretty specific about that example:
>
> """Parse  a file similar to the /etc/group file."""
>
> If you're generating the file yourself, you can use a simpler format:
>
> passwd mygroup {
>    filename = /etc/mygroup
>    format = "~Group-Name:*User-Name"
>    hashsize = 50
>    allowmultiplekeys = yes
> }
>
> ...ands
>
> group:user1
> group:user2
> othergroup:user3
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060828/3be3b37e/attachment.html>

More information about the Freeradius-Users mailing list