_______________________________ From: freeradius-users-bounces+frank.ranner=defence.gov.au@lists.freeradius.or g [mailto:freeradius-users-bounces+frank.ranner=defence.gov.au@lists.freer adius.org] On Behalf Of Emmanuel A Kwarteng Sent: Tuesday, 29 May 2007 00:42 To: freeradius-users@lists.freeradius.org Subject: Denying access without restarting radiusd Hello All, I have a freeradius v1.51 as can be seen bellow ranning on a linux server. [root@isp4 raddb]# radclient -v radclient: $Id: radclient.c,v 1.51 2002/10/28 21:11:29 aland Exp $ built on May 9 2003 at 09:18:10 I have included a file access.deny in the users file and wants to deny access to all users in the access.deny file. What I have realised is that I have to restart radius anytime i update this file. Can someone show me how to deny a set of users like this without restarting radius? kwarteng The sample users file supplied with radiusd shows an example of whet you want. You use an entry like: DEFAULT Group == "disabled", Auth-Type := Reject Reply-Message = "Your account has been disabled." And put users into group disabled (or sql-group, or ldap-group). The point is, group membership is dynamically checked, while files are only read at startup. Regards, Frank Ranner