:Restrict local users::..

Alfonso Alejandro Reyes Jiménez conesh at gmail.com
Sat Jun 25 05:18:11 CEST 2011


That did the trick.

Thanks.

El 24/06/2011 12:34 a.m., Tim Sylvester escribió:
> Is the "unix" module uncommented in the authorize section of your
> configuration? If so, then FreeRADIUS is authenticating the users in the
> /etc/password file.
>
>
>          #
>          #  Pull crypt'd passwords from /etc/passwd or /etc/shadow,
>          #  using the system API's to get the password.  If you want
>          #  to read /etc/passwd or /etc/shadow directly, see the
>          #  passwd module in radiusd.conf.
>          #
> #       unix
>
> Tim
>
> -----Original Message-----
> From:
> freeradius-users-bounces+tim.sylvester=networkradius.com at lists.freeradius.or
> g
> [mailto:freeradius-users-bounces+tim.sylvester=networkradius.com at lists.freer
> adius.org] On Behalf Of Alfonso Alejandro Reyes Jiménez
> Sent: Thursday, June 23, 2011 9:30 PM
> To: FreeRadius users mailing list
> Subject: ..::Restrict local users::..
>
> Hi Everyone.
>
> we would like to know if there's a way to reject access to the local users,
> that's because we discover that if you have a system account you may login
> on the radius server.
>
> I have the teory that if we use the rlm_passwd module we can reject the
> access to the "local group", I search on the man rlm_passwd file and it has
> examples of the configuration. The only thing that I don't understand is how
> radius know which file to check.
>
> I mean if I put a file with our group information, how can I tell radius to
> check that file? I have the group file on the /etc/ and the smbpasswd
> example on /etc/raddb/modules/
>
> I've checked all the raddb directory files looking for any option without
> luck.
>
> What am I doing wrong?
>
> Any advice will be appreciated.
>
> Alfonso.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



More information about the Freeradius-Users mailing list