Blank Password Problem
Satyam Mathura
satz.sm at gmail.com
Thu Jan 21 23:47:15 CET 2010
Line 204 in my users file is the following:
DEFAULT Auth-Type := Reject
My MySQL databse also stores huntgroup information for the FreeRadius
server. I want to reject authentication by default on all my nas devices
unless the usergroup which the user belongs to is allowed to access that
huntgroup.
I've basically followed this guide:
http://wiki.freeradius.org/SQL_Huntgroup_HOWTO
my radhuntgroup config:
+----+-----------+----------------+----------------+------------------+
| id | groupname | nasipaddress | nasportid | usergroup |
+----+-----------+----------------+----------------+------------------+
| 1 | admin | 192.168.1.1 | tty | engineeringadmin
|
my radgroupcheck config:
+----+------------------+----------------+----+----------------+
| id | groupname | attribute | op | value |
+----+------------------+----------------+----+----------------+
| 5 | engineeringadmin | Huntgroup-Name | == | admin |
| 6 | engineeringadmin | Auth-Type | := | Accept |
On Thu, Jan 21, 2010 at 6:21 PM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:
> Hi,
>
> > users: Matched entry DEFAULT at line 204
> > ++[files] returns ok
>
> whats on line 204 or your users file? the reason why I ask is because......
>
> > rlm_pap: Found existing Auth-Type, not changing it.
> > ++[pap] returns noop
> > rad_check_password: Found Auth-Type Accept
> > rad_check_password: Auth-Type = Accept, accepting the user
> > Login OK: [john.doe] (from client routerA port 1 cli 192.168.1.1)
>
> see that? the system has been told that the Auth-Type is Accept.
> the only place it picked that yup from is the users file.
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100121/9ae5d353/attachment.html>
More information about the Freeradius-Users
mailing list