[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnu-radius] problems with 0.96 configuration change
|
From: |
Sergey Poznyakoff |
|
Subject: |
Re: [Help-gnu-radius] problems with 0.96 configuration change |
|
Date: |
Sat, 16 Mar 2002 00:22:36 +0200 |
Hello,
Sergio was right that Password should not be used with
Auth-Type=Accept. But your case is a bit different.
The error message was self-explaining:
> test Auth-Type = Accept
> Password = test
>
>
> error: /depot/radius/etc/raddb/users:2: attribute Password not allowed in RHS
RHS stands for Right-Hand Side of the entry. In raddb/users, the RHS of
an entry specifies the attribute-value pairs that must be returned to
the NAS if the user passes authentication. It is obvious, that there
is no use in returning Password to the NAS, that is why this attribute
is not allowed in RHS. (For more information about attribute usage
flags, please refer to
http://www.gnu.org/software/radius/manual/html_node/radius_38.html
The use of Password attribute and its properties is described at
http://www.gnu.org/software/radius/manual/html_node/radius_131.html)
Now your second question:
> test Auth-Type = Accept
This produces a syntax error, since any user entry should contain
three parts: tag, LHS and RHS. In your example, RHS is missing. If you
do not wish to return any attributes to the NAS, use the keyword NULL,
e.g.:
test Auth-Type = Accept
NULL
(the syntax of raddb/users is described in more detail in
http://www.gnu.org/software/radius/manual/html_node/radius_11.html
and
http://www.gnu.org/software/radius/manual/html_node/radius_18.html)
Regards,
Sergey