Fwd: (RADIATOR) problem with : Auth By SYSTEM

Hugh Irvine hugh at open.com.au
Wed May 15 20:24:51 CDT 2002 

Hello Per -

You will need the UseGetspnamf parameter in your AuthBy clause:

# requires ftp://ftp.eur.nl/pub/homebrew/Shadow-0.01.tar.gz

<AuthBy SYSTEM>
	Identifier System
	UseGetspnamf
	.....
</AuthBy>

Have a look at section 6.36.2 in the Radiator 3.0 reference manual.
("doc/ref.html" in the distribution).

There is also an example in "goodies/system.cfg".

regards

Hugh


> >
> > Senario :
> >   Radiator v.3  running on SuSE enterprise v.7
> >   Using "AuthBy System" for user validation
> >   Radiator is used to give admin rights when telnet to routers.
> >
> >
> > Problem :
> >   User account is expired but Radiator still authenticates user and
> > permits login......!
> >   Se config below.
> >   If the same user logs in to the server thats running radiator using
> > telnet, the message "Access denied" is displayed.
> >
> >
> >
> > Med venlig hilsen / Kind regards
> >
> > Per Lütkemeyer
> > Netværkskonsulent
> > -----------------------
> > DMdata a/s
> > pel at dmdata.dk
> > -----------------------
> >
> >
> > Config-file:
> > *******************************************************************
> >
> > #------------------------------------------------
> > # Global parameters
> > #------------------------------------------------
> > #
> > Foreground
> > # LogStdout
> > #
> > AuthPort 1645
> > AcctPort 1646
> > LogDir          /var/radiator
> > LogFile         /var/radiator/logfile.txt
> > DictionaryFile  /usr/local/src/Radiator-3.0/dictionary
> > Trace           4
> > #
> > #------------------------------------------------
> > # Clients
> > #------------------------------------------------
> > <Client DEFAULT>
> >         Secret  hundelort
> >         Identifier      Test
> >         IdenticalClients        127.0.0.1
> > </Client>
> >
> >
> >
> > ################################################
> > # Handlers
> > ################################################
> >
> > <Realm DEFAULT>
> >     <AuthBy FILE>
> >         Filename /usr/local/etc/grupper.cfg
> >     </AuthBy>
> > </Realm>
> >
> > <AuthBy SYSTEM>
> >     Identifier System
> > </AuthBy>
> > *******************************************************************
> >
> >
> >
> > grupper.cfg -file :
> > ******************************************
> >
> > #------------------------------------------------------------
> > DEFAULT Auth-Type = System, Group = users, Client-Identifier = Test
> >         cisco-avpair = "service=shell",
> >         Service-Type = Administrative-User,
> >         cisco-avpair = "shell:priv-lvl=15"
> >
> > *******************************************************************
> >
> > -------------------------------------------------------

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list