Hi, I'm trying to set up ocserv so it can be used by anyconnect users. Authentication is done via certificates and passwords (via pam). The group is determined from the cert DN and there's no group selector (although anyconnect displays the group). Both user and group are correctly shown in the debug output: ocserv[12766]: sec-mod: auth init for user 'testuser' (group: 'vpntest') from '192.168.2.13' The config-per-group files, however, are not being read at all and it seems that the proc->groupname seen in get_sup_config() is empty. config-per-user _is_ read correctly. I was using ocserv 0.8.4 as well as the latest git version. My group-related config: cert-group-oid = 2.5.4.3 auto-select-group = true config-per-group = /etc/ocserv/config-per-group/ Any idea where or why the group information is lost ? Regards, Norbert
