We have multiple realms we are wanting to authenticate. However, we
have some users that should only be able to authenticate in one realm.
Here's the scenario:
User joe should log in as [EMAIL PROTECTED] If he does, his name is
rewritten to 'joe' and passed to the Unix passwd check for verification.
He should be able to log in this way, but he should NOT be allowed to log
in as [EMAIL PROTECTED] or [EMAIL PROTECTED]
I thought I could simply add this in the 'users' file:
joe Auth-Type = System, Realm = filter.wingnet.net
However, after the name is rewritten to 'joe' and passed to the AuthUNIX
it kicks back this error:
AuthUNIX llks for match with joe
AuthUNIX REJECT: Realm does not match
AuthUNIX REJECT: Realm does not match
Access rejected for joe: Realm does not match
This appears to be frustrating my purpose. Any ideas on how to do what
I want to do?
btw -- my radius.cfg entry for the filter realm is thus:
<Realm filter.wingnet.net>
RewriteUsername ....stuff per docs...
<AuthBy FILE>
NoDefaultIfFound
DefaultSimultaneousUse 1
Filename %D/users
</AuthBy>
</Realm>
Thanks for any help offered...
Craig Thompson
----------------------------------------------------------------------
WingNET Internet Services,
P.O. Box 3000 // Cleveland, TN 37320-3000
423-559-LINK (v) 423-559-5444 (f)
http://www.wingnet.net
----------------------------------------------------------------------
Thought for the day:
Intuition (n): an uncanny sixth sense which tells people
that they are right, whether they are or not.
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
