How to reject when user is not in the appropiate Huntgroup for site?
Alan DeKok
aland at deployingradius.com
Thu Sep 11 17:05:42 CEST 2014
Jeroen Bosch wrote:
> I'm trying to setup Huntgroups using the
> HOWTO http://wiki.freeradius.org/guide/SQL-Huntgroup-HOWTO
>
> after adding "update reply {
> Huntgroup-Name := "%{sql:SELECT groupname FROM radhuntgroup
> WHERE nasipaddress='%{NAS-IP-Address}'}"
> }"
>
> to my sites-enabled/default I do see the queries in the debugging
> information checking if the supplied user is part of the Huntgroup
> however when this is not the case the user still get's access:
You should follow the REST of that guide. Specifically, add an entry
to the "radgroupcheck" table.
Alan DeKok.
More information about the Freeradius-Users
mailing list