[RADIATOR] group DEFAULT. No matching AuthorizeGroup rule

Murat Bilal murat.bilal at ericsson.com
Tue Nov 20 01:18:18 CST 2012 

Hi ,

I try this :  

AuthSelect select PASSWORD,TACACSGROUPID from SUBSCRIBERS
and define
  AuthColumnDef 0, User-Password, check
  AuthColumnDef 1, OSC-Group-Identifier, reply

I got ERR: Execute failed for 'select PASSWORD,TACACSGROUPID from SUBSCRIBERS': Unknown column 'TACACSGROUPID' in 'field list'

In my Subscribers table there is no column like this.Do I need to change mysql schema ?



-----Original Message-----
From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
Sent: 19 Kasım 2012 Pazartesi 23:33
To: radiator at open.com.au
Subject: Re: [RADIATOR] group DEFAULT. No matching AuthorizeGroup rule

On 11/19/2012 10:13 AM, Murat Bilal wrote:

> <ServerTACACSPLUS>

>         GroupMemberAttr OSC-AVPAIR

Hello Murat,

note that you have set GroupMemberAttr to OSC-AVPAIR here.

> <Handler>
>         <AuthBy SQL>

>           AuthColumnDef 1, OSC-Group-Identifier, reply

Here you are adding OSC-Group-Identifier to the reply. Maybe this should be OSC-AVPAIR or alternatively you should have GropMemberAttr set to OSC-Group-Identifier in ServerTACACSPLUS.

Also, since you have not changed AuthSelect from the default, you should select it to something like

  AuthSelect select PASSWORD,TACACSGROUPID from SUBSCRIBERS

and define
  AuthColumnDef 0, User-Password, check
  AuthColumnDef 1, OSC-Group-Identifier, reply

This will check the request password and and the desired group name to reply if password check succeeds.

Thanks,
Heikki

--
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator

More information about the radiator mailing list