PAM authenticacion and groups

Diego Woitasen diegows at gmail.com
Wed Sep 19 17:58:06 CEST 2007


Hi,

I have freeradius configured to authenticate users with PAM working
fine. Now I want to add group membership checking. I have the
followind users entry:

DEFAULT Auth-type = PAM, Group-name == "netadmin"
        Service-Type = Login-User,
        Cisco-AVPair = "shell:priv-lvl=15",
        Fall-Through = 0

That doesn't work. I test with Group attribute too.

The user that I use in radtest is member of netadmin group. One thing,
the group membership must be queryed via nsswitch (getgrnam()),
because the users are not local, they are in a LDAP server (I can't
user the rlm_ldap now, we are in transition).

What am I missing?

regards,
   diegows


-- 
-------------------
Diego Woitasen
-------------------



More information about the Freeradius-Users mailing list