I have try this and i did not get any positive results. user get reject but user@realm did not. I thind i will wait for version 0.8.
Chris Parker wrote: > At 08:21 PM 11/12/2002 -0600, Marcin Groszek wrote: > >Version 0.7.1 > >I am using default radius.config file and i experience problem with > >denying access to group of users. > >Normally I use realm, hunt-group work fine port limit also work but .... > > > >Wen i send request to server with realm the server responds OK for user > >in reject group > >but wen i send same request to same server without realm the request is > >getting reject as should be. > >realms file is setup to LOCAL for my realm. > >I include debug from auth. > > > >rad_recv: Access-Request packet from host 127.0.0.1:1025, id=2, length=57 > > User-Name = "marcin" > >modcall: entering group authorize > > modcall[authorize]: module "preprocess" returns ok > > rlm_realm: Looking up realm NULL for User-Name = "marcin" > > rlm_realm: No such realm NULL > > modcall[authorize]: module "suffix" returns noop > > HASH: user marcin found in hashtable bucket 68338 > > HASH: matched user marcin in group users > > users: Matched DEFAULT at 71 > > modcall[authorize]: module "files" returns ok > >modcall: group authorize returns ok > > rad_check_password: Found Auth-Type Reject > > > > > >rad_recv: Access-Request packet from host 127.0.0.1:1025, id=6, length=70 > > User-Name = "[EMAIL PROTECTED]" > >modcall: entering group authorize > > modcall[authorize]: module "preprocess" returns ok > > rlm_realm: Looking up realm hostplus.net for User-Name = > > "[EMAIL PROTECTED]" > > rlm_realm: Found realm hostplus.net > > rlm_realm: Adding Stripped-User-Name = "marcin" > > rlm_realm: Proxying request from user marcin to realm hostplus.net > > rlm_realm: Adding Realm = "hostplus.net" > >rlm_realm: Authentication realm is LOCAL. > >rlm_realm: auth_port is not set. proxy cancelled > > modcall[authorize]: module "suffix" returns noop > > users: Matched DEFAULT at 152 > > modcall[authorize]: module "files" returns ok > >modcall: group authorize returns ok > > rad_check_password: Found Auth-Type System > > This seems like a bug in the operation of the server. Assuming you > have an entry along the lines of: > > DEFAULT Group == "reject", Auth-Type := Reject > Fall-Through = No > > You could try adding the realm to the check items in a second entry > such that you now have: > > DEFAULT Group == "reject", Auth-Type := Reject > Fall-Through = No > > DEFAULT Group == "reject", Realm == "hostplus.net", Auth-Type := Reject > Fall-Through = No > > That may or may not work. I suspect the problem lies with the Group > lookup attempting to use 'User-Name' which I think will still contain > '[EMAIL PROTECTED]'. Can you include your realm entry for the realm? > > -Chris > -- > \\\|||/// \ StarNet Inc. \ Chris Parker > \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering > | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 > oOo---(_)---oOo--\------------------------------------------------------ > \ Wholesale Internet Services - http://www.megapop.net > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Best Regards: Marcin Groszek Http://www.hostplus.net Where we offer: Server Co-location, Web Site Hosting and Internet Access. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
