Lisa Casey wrote:
I am attempting to use my Freeradius users file to restrict certain users to a specific realm. In my users file, I have several default realms specified near the top as so: ... Next I have users entries as so:
lisa Auth-Type = Local, Password == xxxxxxx
This is wrong. Do NOT set Auth-Type. Change the "Password ==" text to "Cleartext-Password :=".
I would like to restrict lisa to realm1.com only. So I modified lisa's entry in the users file like so:
lisa Realm == realm1.com, Auth-Type = Local, Password == xxxxxxx
Make the same changes here.
It doesn't work. In my radius.log I get:
Fri Dec 5 12:59:05 2008 : Auth: Login incorrect: [lisa/xxxxxxx] (from client rad03.globalpops.com port 1282 cli 423784xxxx)
Stop looking at the radius.log file, and look at the debug output.
Fri Dec 5 12:59:11 2008 : Auth: Login incorrect: [lisa/xxxxxx] (from client rad04.globalpops.com port 1282 cli 423784xxxx)
I have tried leaving out Auth-Type, I've changed Password == to Cleartext-Password == but none of that helped.
The FAQ clearly says to use "Cleartext-Password :=". The "man" page for the users file also explains the meaning of the operators.
I can authenticate as lisa with no realm specified in the users file as a check item, buit as soon as I add that in, I can no longer authenticate. Any idea what I'm doing wrong or why this isn't working for me?
Without the debug output, it's impossible to know. Alan DeKok.