Blank Password Problem

Satyam Mathura satz.sm at gmail.com
Thu Jan 21 23:47:15 CET 2010


Line 204 in my users file is the following:
DEFAULT   Auth-Type := Reject

My MySQL databse also stores huntgroup information for the FreeRadius
server. I want to reject authentication by default on all my nas devices
unless the usergroup which the user belongs to is allowed to access that
huntgroup.
I've basically followed this guide:
http://wiki.freeradius.org/SQL_Huntgroup_HOWTO

my radhuntgroup config:
+----+-----------+----------------+----------------+------------------+
| id | groupname | nasipaddress   | nasportid      | usergroup        |
+----+-----------+----------------+----------------+------------------+
|  1 | admin     | 192.168.1.1           | tty            | engineeringadmin
|


my radgroupcheck config:
+----+------------------+----------------+----+----------------+
| id | groupname        | attribute      | op | value                 |
+----+------------------+----------------+----+----------------+
|  5 | engineeringadmin | Huntgroup-Name | == | admin     |
|  6 | engineeringadmin | Auth-Type      | := | Accept         |



On Thu, Jan 21, 2010 at 6:21 PM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:

> Hi,
>
> >     users: Matched entry DEFAULT at line 204
> > ++[files] returns ok
>
> whats on line 204 or your users file? the reason why I ask is because......
>
> > rlm_pap: Found existing Auth-Type, not changing it.
> > ++[pap] returns noop
> >   rad_check_password:  Found Auth-Type Accept
> >   rad_check_password: Auth-Type = Accept, accepting the user
> > Login OK: [john.doe] (from client routerA port 1 cli 192.168.1.1)
>
> see that? the system has been told that the Auth-Type is Accept.
> the only place it picked that yup from is the users file.
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100121/9ae5d353/attachment.html>


More information about the Freeradius-Users mailing list