Newbie question

[Wayne Hill]

Hey guys/gals,

I'm a newbite with freeradius and have come upon an interesting issue.

Here at my job we've been using Radiator-ODBC for quite some time and  
are hoping to phase this out and begin using freeradius, along with  
some more modern hardware, instead.

Here's the issue I'm coming across.

The file we were using for authentication is a binary file, and  
inaccessible to me for use in the new implementation so i've been  
building my own.  The information I can access doesn't have groups  
available to me, however, they are retrievable.  What I've been  
trying to do is use the file generated from our nis servers for the  
actual authentication, but a different file, containing only  
username:group pairs.

Right now, I have it set up with an entry for rad_group with the  
following:

  passwd  rad_group{
	filename = /usr/local/etc/raddb/group
         format="*User-Name:~Group"
	authtype=System
}

Then placed rad_group in the authorize section. I get the following  
output in a debug after doing this:

Wed May  3 11:52:21 2006 : Debug: rlm_passwd: Added Group: 'filtered'  
to request_items

But Group = "foo" is completely disregarded and radius simply skips  
to the last, least restrictive entry in the file.

What am I missing?


Thanks,
Wayne