Denying access without restarting radiusd [SEC=UNCLASSIFIED]

Ranner, Frank MR Frank.Ranner at defence.gov.au
Tue May 29 06:20:47 CEST 2007


_______________________________

	From:
freeradius-users-bounces+frank.ranner=defence.gov.au at lists.freeradius.or
g
[mailto:freeradius-users-bounces+frank.ranner=defence.gov.au at lists.freer
adius.org] On Behalf Of Emmanuel A Kwarteng
	Sent: Tuesday, 29 May 2007 00:42
	To: freeradius-users at lists.freeradius.org
	Subject: Denying access without restarting radiusd
	
	
	Hello All,
	 
	I have a freeradius v1.51 as can be seen bellow ranning on a
linux server.
	 
	[root at isp4 raddb]# radclient -v
	radclient: $Id: radclient.c,v 1.51 2002/10/28 21:11:29 aland Exp
$ built on May  9 2003 at 09:18:10
	
	I have included a file access.deny in the users file and wants
to deny access to all users in the access.deny file. What I have
realised is that I have to restart radius anytime i update this file. 
	 
	Can someone show me how to deny a set of users like this without
restarting radius?
	 
	kwarteng

The sample users file supplied with radiusd shows an example of whet you
want. You use 
an entry like:

DEFAULT        Group == "disabled", Auth-Type := Reject
               Reply-Message = "Your account has been disabled."

And put users into group disabled (or sql-group, or ldap-group). The
point is, group 
membership is dynamically checked, while files are only read at startup.

Regards,
Frank Ranner




More information about the Freeradius-Users mailing list