Peter Lambrechtsen wrote:
> Understood, I had just taken examples off the internet about how to
> setup LDAP Auth, which was very misleading by having the Auth-Type being
> set which caused all of my issues in the first place.
And the documentation (web, manual pages, config files) says in many
On Wed, Aug 11, 2010 at 12:40 PM, Alan DeKok wrote:
> Peter Lambrechtsen wrote:
> > I have figured out where my mistake was. I needed to have the users
> > file being used in the authorize section, but I shouldn't have had
> > "Auth-Type := Accept" at the end of each line for the Groups, otherwis
Peter Lambrechtsen wrote:
> I have figured out where my mistake was. I needed to have the users
> file being used in the authorize section, but I shouldn't have had
> "Auth-Type := Accept" at the end of each line for the Groups, otherwise
> if the Auth-Type is set to Accept the authenticate sectio
I have figured out where my mistake was. I needed to have the users file
being used in the authorize section, but I shouldn't have had "Auth-Type :=
Accept" at the end of each line for the Groups, otherwise if the Auth-Type
is set to Accept the authenticate section is never run through.
So now th
On Mon, Aug 9, 2010 at 6:31 PM, Alan DeKok wrote:
> Peter Lambrechtsen wrote:
> > Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
> > access reject however it always seems to return either a noop or ok.
> ..
> > And this is what is in my postauth_users file:
> >
> > DEFAUL
Peter Lambrechtsen wrote:
> Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
> access reject however it always seems to return either a noop or ok.
..
> And this is what is in my postauth_users file:
>
> DEFAULT Auth-Type := REJECT
> Post-Auth-Type = Reject,
Hmm.
I've semi-sorted it by setting a Reply-Message and then using Unlang to
lookup that message a bit ugly, but it works.
In my post-auth section I have:
files
if ("%{reply:Reply-Message}" == "Reject") {
reject
}
And in the postauth_users I have:
DEFAULT Auth
Using FreeRadius 2.1.7 and trying to get the postauth_users to return an
access reject however it always seems to return either a noop or ok.
This is what I get in my radiusd -X trace:
[files] postauth_users: Matched entry DEFAULT at line 30
++[files] returns ok
Sending Access-Accept of id 53 to
8 matches
Mail list logo