Does anybody knows if there is a way to configure time based restriction
("Time" check item) for users authenticated via Authby UNIX ou SYSTEM?
Using Radiator v.2.13.1 with latest patches, OS platform is IBM AIX
v.4.1.5.
The user in question has it group set to "admfin". By looking at the log
(debug level of 5) Radiator seems to ignore "Time" check item,
authenticating and authorizing the user any time of day.
TIA,
Here is our radius.cfg file (no secrets and renamed some files, paths):
# radius.cfg
#
# Configuration file for radius server
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: radius2.cfg,v 1.4 1998/03/06 04:43:37 mikem Exp $
#
#Foreground
#LogStdout
#Trace 9
AuthPort 1645
AcctPort 1646
LogDir <**OMITTED**>
DbDir <**OMITTED**>
LogFile %L/<**OMITTED**>
DictionaryFile %D/dictionary
<SessionDatabase DBM>
Filename %L/<**OMITTED**>
</SessionDatabase>
<Client **OMITTED_NAS_NAME**>
Secret **OMITTED**
DefaultRealm **MYREALM**
</Client>
<Realm DEFAULT>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy ContinueWhileAccept
<AuthBy FILE>
Filename %D/MYUSERSFILE
</AuthBy>
MaxSessions 1
AcctLogFileName %L/%Y%m/detail-%d
</Realm>
<Realm SoparatratarUNIXPW>
<AuthBy UNIX>
Identifier System
Filename %D/MYPASSWDFILE
GroupFilename %D/MYGROUPFILE
</AuthBy>
</Realm>
#**** EOF radius.cfg ****
And here the relevant part of MYUSERSFILE:
#**** BOF MYUSERSFILE ****
DEFAULT Auth-Type = System, Group = poponly, Auth-Type = "Reject:Essa conta eh somente
para E-mail"
DEFAULT Auth-Type = System, Group = fwdonly, Auth-Type = Reject
Reply-Message = Esse eh POP
DEFAULT Auth-Type = System, Group = ftponly, Auth-Type = Reject
Reply-Message = Esse eh POP
DEFAULT Auth-Type = System, Group = hponly, Auth-Type = Reject
Reply-Message = "Acesso Proibido"
#
# Here is the clase in question
#
DEFAULT Auth-Type = System, Group = admfin, Time = "Al1200-1800"
Service-Type = Login-User,
Reply-Message = "Conectado!"
DEFAULT Auth-Type = System, Service-Type = Framed-User
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Auth-Type = System
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
#**** EOF MYUSERSFILE ****
--------------------------------------
Jose Roberto Bulcao - RioLink Internet
Tel : (021) 577-8899
e-mail : [EMAIL PROTECTED]
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.