Chris Moss wrote: > Here is an example of a user who is turned off. This shows the invalid > shell where it pulls out part of the passwd entry of another user. Note > the username in this is all the same user. > > Wed Sep 3 08:33:34 2008 : Auth: rlm_unix: [username]: invalid password
The server just does system calls to get the password from /etc/passwd. If that says the user's password is incorrect, it's incorrect. No amount of poking the server will change that. > Wed Sep 3 08:33:48 2008 : Auth: rlm_unix: [username]: invalid shell > [*one Oak United Methodist:/home/loumc:/bin/false* The server just does a system call to get the user's shell, and validate that against the list of valid shells. If that says the shell is invalid, there's little the server can do. i.e. the server is relying on the OS and libraries to get information from the password file. "one Oak United.." is obviously not the correct user shell. So I'd say there's something wrong with your local system. *Unless*, of course you're using an old version of the server, and have configured it to read /etc/passwd itself. This isn't recommended even in old versions of the server. So... don't enable caching in the "unix" module. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html