Hello Dan -
We have discovered a problem with AuthAttrDef - thanks go to
Eric Kilfoil <[EMAIL PROTECTED]> for pointing it out and sending a patch.
Here is an extract from the patches area:
http://www.open.com.au/radiator/downloads/patches-2.16.1/patches.README
30/6/00 Fixed a problem with AuthAttrDef not working properly in
AuthBy LDAP and LDAP2.
Download new AuthLDAP.pm and AuthLDAP2.pm from here.
Please let us know how you get on.
regards
Hugh
On Wed, 28 Jun 2000, [EMAIL PROTECTED] wrote:
> On Tue, 27 Jun 2000, Hugh Irvine wrote:
>
> > Hello Dan -
> >
> > On Sun, 25 Jun 2000, [EMAIL PROTECTED] wrote:
> > > This seems odd to me.
> > >
> > > 1---------
> > > Manual 6.31.11 CheckAttr checkitems
> > > Radiator Config: CheckAttr dialup
> > > LDAP: dialup: Auth-Type=Reject
> > > Test: Rejected
> > >
> > > 2---------
> > > Manual 6.31.13 AuthattrDef ldapattributename, radiusatributename, type
> > > Radiator Config: AuthAttrDef dialup,Auth-Type,check
> > > LDAP: dialup: Reject
> > > Test: OK
> > >
> > > 3---------
> > > Manual 6.31.13 AuthattrDef ldapattributename, radiusatributename, type
> > > Radiator Config: AuthAttrDef Auth-Type,Auth-Type,check
> > > LDAP: auth-type: Reject
> > > Test: Rejected
> > >
> > >
> > > Erm. Seems to me that 1 and 2 are the same thing and should both reject.
> > > 3 I just something silly I did before sleep, but it worked. Broken?
> > >
> > > Is there a better way for me to be denying mailbox only/web only accounts
> > > from dialup? I was just giving them the Auth-Type: Reject check. Any
> > > suggestions on my method or the above strangeness would be appreciated.
> > >
> >
> > Auth-Type is an internal reference to some other authentication type.
> >
> > See section 13.1.5 in the Radiator 2.16.1 reference manual.
> >
>
> Yes, I know that. In section 13.1.5 it says:
>
> "Auth-Type triggers special behavior for authentication the user.
> The possible values are:
>
> * Reject. Any access request will always be rejected. This is
> useful for temporarily disabling logins for a given user."
>
> Which is just what I want to do. That's not the point though. The point
> is, the tests above do not go along with what is stated in section 6.31.13
> but seems to work with the to "be discontinued" section 6.31.11.
>
> Above, test 1 and 2 should work and 3 shouldn't as per the manual. I'm a
> little confused by your answer to a question I didn't ask.
>
> Dan
> Network Systems Engineer
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
