Hello, I've been testing Exec-Program(-Wait) but I don't get it to work. My goal is to authenticate via external perl script (I want to test this method first, and then I'll try the rlm_perl module).
* My "users" file: pepe Auth-Type:= Local, User-Password == "manolo" DEFAULT Exec-Program-Wait = "/usr/local/freeradius/bin/freeradius_test.pl %{User-Name} %{User-Password}" So I have a local user called "pepe", which always works without problem, and the rest of users should be processed by the external script. If I try some of that other users, I get the following: rad_recv: Access-Request packet from host 127.0.0.1:52572, id=187, length=56 User-Name = "juan" User-Password = "perico" NAS-IP-Address = 10.64.131.22 NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 radius_xlat: '/usr/local/freeradius/var/log/radius/radius.log' rlm_detail: /usr/local/freeradius/var/log/radius/radius.log expands to /usr/local/freeradius/var/log/radius/radius.log modcall[authorize]: module "auth_log" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "juan", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 2 modcall[authorize]: module "files" returns notfound for request 2 modcall: group authorize returns ok for request 2 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Delaying request 2 for 1 seconds Finished request 2 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... Packet-Type = Access-Request Thu Apr 14 11:24:40 2005 User-Name = "juan" User-Password = "perico" NAS-IP-Address = 10.64.131.22 NAS-Port = 1 Client-IP-Address = 127.0.0.1 --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 187 to 127.0.0.1:52572 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 2 ID 187 with timestamp 425e36d8 Nothing to do. Sleeping until we see a request. I understand Auth-Type is the problem but I don't know how to configure this. In xt-radius it's configured as "Auth-Type External", but this is not allowed in freeradius. How should I configure freeradius to authenticate against the script? If I ommit the Auth-Type, why is freeradius not detecting the auth-type (doc recommends not to specify the auth-type and let freeradius to guess it). I've reviewed and reviewed the documentation but I couldn't find a clear explanation on how to get this kind of external authentication to work :( What am I missing? Thanks in advance. Regards, -RomÃn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html