Andrei Petru Mura wrote: > I understand that when group's check conditions aren't meet, I can login > neglecting the group's attributes. Can anybody tell me how to avoid that > behavior? I think that if a user belongs to a group and the checks for > the group aren't meet, the user shoudn't be able to be authenticated. Am > I wrong? If not, what's the problem to my issue?
That's wrong. The group checks are useful, but not required. Users can be members of multiple groups. If you want users from only one group to authenticate, then check for that group membership, and reject anyone who isn't a member. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
