>rad_recv: Access-Request packet from host myswitchip port 1645, id=139, >length=80 > NAS-IP-Address = myswitchip > NAS-Port = 1 > NAS-Port-Type = Virtual > User-Name = "myusernamer" > Calling-Station-Id = "myclientip" > User-Password = "myvalid_ldap_password" >+- entering group authorize .. >++- entering policy redundant > users: Matched entry DEFAULT at line 11 >+++[files] returns ok >++- policy redundant returns ok
OK. Your redundant section is not going to make much sense if you are going to have matches on DEFAULT entries in files. files will always be used while ldap and ciscopwd - never. On top of that you are setting auth type ldap - remove files from redundant section and delete that auth type entry from it. > >The myusername is same in the ciscopwd file and in LDAP, but the passwords are >different. Why??? That file should be for users that are not in ldap or as ldap backup (same user, same password, so when ldap server fails they can still connect). Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html