working huntgroups
Carlos Mauricio Reyes Sanmiguel
creyes at co.ibm.com
Tue May 16 23:58:15 CEST 2006
Hi,
I need to separate the users in the machines that they have access to, i
read about the huntgroups file, but is not working, it seems that the
radius is not checking the huntgroup file to give the access.
I have a freeradius on a Redhat machine, running with the MySQL database
for the users and groups information. I have the information on the
radcheck, the radgroupcheck, and the radgroup repply tables, all the
connections and the authentication works ok, the problem is that the users
have access to all of the machines, even the ones that they shouldn´t.
This is what i have in my radgroup reply table..
GroupName Attribute op Value
test Cisco-AVPair = shell:cmd*
test Cisco-AVPair = shell:priv-lvl=15
test Service-Type = Shell-User
test Huntgroup-Name = name
the hunt group is like this.
#name huntgroup
name NAS-IP-Address == 10.0.2.244
name NAS-IP-Address == 10.0.2.246
name NAS-IP-Address == 10.0.2.248
Group = test
It suppose that the user with that huntgroup name in their attribute
should only be able to connect to those IP addresess.. or that´s what i
expect.. ;)
Thank you.. in advance..
Carlos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060516/55eef816/attachment.html>
More information about the Freeradius-Users
mailing list