'Re: Exec and ntlm_auth'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Exec and ntlm_auth
From:       Alan DeKok <aland () deployingradius ! com>
Date:       2009-11-30 19:52:12
Message-ID: 4B14226C.8070808 () deployingradius ! com
[Download RAW message or body]

freeradius@corwyn.net wrote:
...
> Add to top of ./raddb/users:
> 
> DEFAULT     Ldap-Group == "UserGroup",Service-Type =
> NAS-Prompt-User,cisco-avpair = "shell:priv-lvl=15"

  Are you sure that is correct?

> If I removing authorization from the Cisco config to:
> no aaa authorization exec default group radius none
> 
> and then I can log in.
> 
> At the top of ./users:
> rsteeves   Cleartext-Password := "xxx"
>            Service-Type = NAS-Prompt-User,
>            cisco-avpair = "shell:priv-lvl=15"

  Why does that entry look so different from the previous one?

  See "man users" for documentation on the format, and how it works.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic