1 Jun
2012
1 Jun
'12
11 a.m.
g17jimmy wrote:
One question relating to this is about the /etc/raddb/users file- It doesn't seem to work as it's documented,
Well... no.
If I have a group set to be rejected based on its membership like this:
DEFAULT Group="disabled", Auth-Type:=Reject
radius doesn't even check for group membership. The only way it seems to get directed to check membership is with a negative check (!=).
See "man users". Use Group == ... The operators do different things.
DEFAULT LDAP-Group!="newgroup", Auth-Type:=Reject
Regardless, I still can't figure out what filter would validate the user "newuser" as a member of "newgroup"-
LDAP-Group == "newgroup" Everyone else is using it. Alan DeKok.