There are two tables called RADGROUPAUTH and RADUSERS.How are they related with each other.i add a user from Radmin Page but cannot define it is group inorder to do TACACS+ authorization.I can do it AuthBy File clause.But I want to use mysql database inorder to use TACACS authorizarion.
I added a new user from RADMIN but it always use the group2 defined in
<ServerTACACSPLUS> clause.Although the user do not belong any group.
My <ServerTACACSPLUS> includes two groups but always reply come from group2.I
am very confused.please help.
<ServerTACACSPLUS>
AddToRequest OSC-Group-Identifier = group1
AddToRequest OSC-Group-Identifier = group2
AuthorizeGroup group1 permit service=shell cmd=\*
{cisco-avpair="priv-lvl=15"}
GroupMemberAttr OSC-Group-Identifier
AuthorizeGroup group1 permit service=shell cmd=show cmd-args=.*
AuthorizeGroup group1 permit .*
AuthorizeGroup group2 deny .*
</ServerTACACSPLUS>
My sample radius.cfg I at the attachment.
MURAT BÄ°LAL
Services Engineer
Ericsson Turkey
CU Customer Support
Cyber Plaza C Blok Kat:1 No:146
Cyberpark 6800 Bilkent/Ankara
Mobile +90 554 898 98 43
[email protected]<mailto:[email protected]>
www.ericsson.com
[cid:[email protected]]<http://www.ericsson.com/>
This Communication is Confidential. We only send and receive email on the basis
of the terms set out at
www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
<<inline: image001.png>>
radius.cfg
Description: radius.cfg
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
