Lisa Casey wrote: > I am attempting to use my Freeradius users file to restrict certain > users to a specific realm. In my users file, I have several default > realms specified near the top as so: ... > Next I have users entries as so: > > lisa Auth-Type = Local, Password == xxxxxxx
This is wrong. Do NOT set Auth-Type. Change the "Password ==" text to "Cleartext-Password :=". > I would like to restrict lisa to realm1.com only. So I modified lisa's > entry in the users file like so: > > lisa Realm == realm1.com, Auth-Type = Local, Password == xxxxxxx Make the same changes here. > It doesn't work. In my radius.log I get: > > Fri Dec 5 12:59:05 2008 : Auth: Login incorrect: [lisa/xxxxxxx] (from > client rad03.globalpops.com port 1282 cli 423784xxxx) Stop looking at the radius.log file, and look at the debug output. > Fri Dec 5 12:59:11 2008 : Auth: Login incorrect: [lisa/xxxxxx] (from > client rad04.globalpops.com port 1282 cli 423784xxxx) > > I have tried leaving out Auth-Type, I've changed Password == to > Cleartext-Password == but none of that helped. The FAQ clearly says to use "Cleartext-Password :=". The "man" page for the users file also explains the meaning of the operators. > I can authenticate as > lisa with no realm specified in the users file as a check item, buit as > soon as I add that in, I can no longer authenticate. Any idea what I'm > doing wrong or why this isn't working for me? Without the debug output, it's impossible to know. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
