Group Authorization Question
Alok Vimawala
avimawal at umich.edu
Fri Jan 2 21:51:10 CET 2009
Hi Mike,
Are you trying to have the radius server send an access-reject when
the user is not in the group?
Or are you trying to send a list of groups to the VPN device?
- Alok
On Jan 1, 2009, at 3:21 PM, Alan DeKok wrote:
> Mike Diggins wrote:
>> On a related note, should the rlm_dbm_parse program be able to
>> convert
>> the users file (assuming it is the correct syntax) directly? It
>> complains about the ntlm_auth type.
>
> I wouldn't suggest using rlm_dbm. It's not really maintained, and
> it's not necessary.
>
> As of 2.x, the server puts the "users" file entries into a hash when
> it loads the file. I've tested 100K users being loaded in a second or
> two on a reasonable machine. On top of that, 2.x supports HUP better
> than 1.x.
>
> So... rlm_dbm is almost never necessary any more.
>
> If you have less than 10K entries in the "users" file, I would
> suggest
> that rlm_dbm is not for you. If you have more than 10K users, I would
> suggest using an SQL database.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090102/5ed45658/attachment.html>
More information about the Freeradius-Users
mailing list