With the kind help of Alan DeKok last week, I was able to configure the sending of properly formed accounting packets to my freeradius server, which successfully logged to mysql.
And I can successfully authenticate a testuser. However, I am now having difficulty in the access stage. All of my users reside in ldap. They have an attribute radiusClass, which if set to "AnalogUser" should allow them access. I have the following lines in radiusd.conf: access_group = "ou=People,o=CTTEL,c=US" access_attr = radiusClass I can search successfully by doing an ldapsearch at the commandline for either the user, the radiusclass, or both. However, I am unsuccessful with radius. A log excerpt is below: rlm_ldap: performing search in ou=People,o=CTTEL,c=US, with filter (uid=gozilla) rlm_ldap: checking if remote access for gozilla is allowed by radiusClass rlm_ldap: checking user membership in dialup-enabling group ou=People,o=CTTEL,c=US radius_xlat: 'ou=People,o=CTTEL,c=US' radius_xlat: 'radiusClass' rlm_ldap: performing search in ou=People,o=CTTEL,c=US, with filter radiusClass rlm_ldap: ldap_search() failed: Bad search filter I might just be way off track right now... Thanks in advance for any help. -- Sincerely, Michael Klatsky Senior Unix Administrator Connecticut Telephone 1 Talcott Plaza Hartford, CT 06103 1-860-240-6496 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html