-----Original Message-----
From: cour...@lists.sourceforge.net [mailto:courier-users-
boun...@lists.sourceforge.net] On Behalf Of Gordon Messmer
Sent: Thursday, March 22, 2007 10:53 AM
To: cour...@lists.sourceforge.net
Subject: Re: [courier-users] Fedora + courier + authlib + radius
Dan Delaney wrote:
I believe I have pinpointed where this error is coming from. User1 is
more
of a management account (mine) which allows full access to everything,
while
user2 is a simple "mailbox only" account. What appears to be happening
is
that our OpenVMS radius server is allowing user1 because it will permit
the
interactive-logon, but failing user2 because it does not allow
interactive-logins. When we manually allowed these logins for user2, it
went
through without any problems.
OK. I took a look at pam_radius_auth. It does appear to implement
session management functions, contrary to my expectations (oh, those
crazy expectations). Try removing the "account" and "session" lines
from the pam configuration file, and see if you still need to change
things on your radius server.
So my next issue is selectively choosing what service type is used for
which
protocol. I Saw a patch from 2000 which added a service_type function
to
pam_radius_auth, but it does not seem to be in the current release. I
Was
going to try to manually patch and recompile. (copying and pasting the
patch
didn't seem to work right)
It'd be more maintenance if you had to go that way, but I'm curious what
works. Let me know.
I think I am going to just leave it. Its working, and don't want to putz
around anymore =)
Thanks for your help!
8 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Fedora + courier ...
