You could change the shell to the no logon shell. That'll solve the problem the easiest way I know of.
---------- Original Message ----------- From: "Lisa Casey" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wed, 22 Jan 2003 16:28:46 -0500 Subject: Allowing POP3 (email only) access > Hi, > > We acquired an ISP who is using Freeradius. There are several > accounts on this system which are meant to be email only accounts > (i.e. customers dial in and are authenticated using their dial-up > username/password, then once they get connected they can check e- > mail on that account or on a e-mail only account). An e-mail only > account should not, of course, be able to log in via radius. > > However this isn't how it has been working. Take the case of username > sbmills who has a email only account of stan. Both sbmills and stan > can dial in and get authenticated via radius. So in the users file I > created as my first default entry: > > # > DEFAULT Group == "mailusers", Auth-Type := Reject > Reply-Message = "You are using a mailonly account." > # > > In /etc/group, I have a group mailonly, with GID of 105. Next I > edited the password filed (using vipw) and changed stan's group to > 105. From the testing I have done though, it still appears that this > user can dial in using the username stan and stan's password. Is > there something I have neglected to do? > > Thanks, > > Lisa Casey > Webmaster & SysAdmin > Netlink 2000, Inc. > [EMAIL PROTECTED] > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ------- End of Original Message ------- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
