(RADIATOR) How to reject users in a file

Forbes Mike Mike.Forbes at Colorado.EDU
Fri Sep 12 15:56:10 CDT 2003


I have a request to block certain users access to our modem pool.

Users are first authenticated by kerb via PAM.  What I would like to do is
have radius then check to see if they are listed in a file and reject them
only if they are listed.  If they are not in the file they can logon.

I saw the username authtype example in the manual, is there a way to do
this in a file for a larger number?

Could you do the AuthByPolicy ContinueWhileReject and put this before my
authbypam below?

My handler is below.

Mike Forbes


<Handler Realm=MODEMS>
        RewriteUsername s/^([^@]+).*/$1/
        <AuthBy GROUP>
                AuthByPolicy ContinueUntilReject
                <AuthBy PAM>
                        Fork
                        Service radiusd
                </AuthBy>
        </AuthBy>
        AuthLog Modem_Login_Failures
         AcctLogFileName %L/Modems.log
</Handler>


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list