=?iso-8859-1?Q?Alejandro_Mart=EDnez_Marcos?= <[EMAIL PROTECTED]> wrote: > I would like to authorize the user against LDAP, and if LDAP > returns error or not found set Auth-Type = Reject. What do I > have to write in radiusd.conf to get this?
Nothing. > I know that if no Auth-Type is set, the user will also be rejected, but > this is not enough for me, because my authorize modulus is like this: > authorize { > eap > ldap > } > Although the user is not present in ldap, the eap inizialization is > setting Auth-Type = EAP!! The EAP module doesn't supply a password, but it needs one to do EAP. So if the LDAP module doesn't supply one either, EAP authentication will fail. "Auth-Type = EAP" says to TRY to authenticate the user via EAP. If there's no password, that authenticatsion will fail. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html