Hi,
your configuration reads
if (gid =~ /vpn-access/) {
and just isn't valid syntax. "tac_plus-ng -P ..." confirms this.
Cheers,
Marc
On 14.03.2024 21:03, Carlos Lopez wrote:
> Sure, attached is my config for further review along with *mavistest*
> output
>
> /usr/local/bin/mavistest -d -1 /usr/local/etc/tac_plus-ng.cfg
> tac_plus-ng TACPLUS carlopez
> Input attribute-value-pairs:
> TYPE TACPLUS
> TIMESTAMP mavistest-2961-1710446425-0
> USER carlopez
> TACTYPE INFO
>
> Output attribute-value-pairs:
> TYPE TACPLUS
> TIMESTAMP mavistest-2961-1710446425-0
> USER carlopez
> DN cn=carlopez,ou=users,dc=lab,dc=net
> RESULT ACK
> UID 1001
> GID vpn-admins
> HOME /home/carlopez
> SERIAL Xyn8wVemc2PZeF+S6ZzLcA=
> IDENTITY_SOURCE 1
> TACTYPE INFO
> SHELL /bin/bash
>
> Thank you
>
> Cheers,
>
> Carlos Lopez
> On Thursday, March 14, 2024 at 12:03:25 PM UTC-7 Marc Huber wrote:
>
> Hi Carlos,
>
> never seen that ... I'd first check whether the tac_plus-ng.cfg
> configuration is fine (tac_plus-ng -P
> /usr/local/etc/tac_plus-ng.cfg),
> and if that succeeds I'd try "strace -f
tactrace.pl
> <
http://tactrace.pl> ...").
>
> Cheers,
>
> Marc
>
>
> On 14.03.2024 19:51, Carlos Lopez wrote:
> > Hello, new to the group...
> >
> > I'm trying to debug a tacacs+ session but am getting zero output
> when
> > running "
tactrace.pl <
http://tactrace.pl>".
> >
> > My install consisted of the following:
> > *Add Perl Modules*sudo cpan cpan[1]> install Net::IP cpan[1]>
> install
> > Net::TacacsPlus::Packet cpan[1]> install Net::LDAP *Download and
> > install tacacs+ ng*git clone
> >
https://github.com/MarcJHuber/event-driven-servers.git cd
> > event-driven-servers/ ./configure tac_plus-ng make sudo make
> install
> > *Add tacplus config file*cd /usr/local/etc sudo touch
> tac_plus-ng.cfg
> > sudo chmod 755 tac_plus-ng.cfg sudo nano tac_plus-ng.cfg
> >
> > And here's what I get when running *
tactrace.pl
> <
http://tactrace.pl>*
> > carlopez@tacacs01:/usr/local/bin$
tactrace.pl
> <
http://tactrace.pl> --remote=172.30.175.5
> <
https://groups.google.com/d/msgid/event-driven-servers/1c88f317-14c6-43d7-9967-cc2744df324bn%40googlegroups.com?utm_medium=email&utm_source=footer>>.
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Event-Driven Servers" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to
event-driven-ser...@googlegroups.com.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/event-driven-servers/c2645abd-80a0-4f57-9636-04c144c01748n%40googlegroups.com
> <
https://groups.google.com/d/msgid/event-driven-servers/c2645abd-80a0-4f57-9636-04c144c01748n%40googlegroups.com?utm_medium=email&utm_source=footer>.