> -----Original Message-----
> From:
> [EMAIL PROTECTED]
> eradius.org
> [mailto:[EMAIL PROTECTED]
> ists.freeradius.org] On Behalf Of Norman Zhang
> Sent: Wednesday, 2 May 2007 13:08
> To: [email protected]
> Subject: Default Authentication
>
> I have the following setup for users
>
> DEFAULT Auth-Type = System
> Fall-Through = Yes,
> cisco-avpair = "shell:priv-lvl=1",
> Service-Type = NAS-Prompt-User
>
> DEFAULT Group == router-ro
> cisco-avpair := "shell:priv-lvl=7"
>
> DEFAULT Group == router-rw
> cisco-avpair := "shell:priv-lvl=15"
>
> However, system users not in group router-ro or router-rw are
> still able to login with privilege level = 1. Is there a way
> to force only group router-ro and router-rw can login?
>
>
Add:
DEFAULT Auth-Type := Reject
Reply-Message := "Access denied"
To the end of the users file.
FR
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
