Hello, We are using realm's, but when a user is autherize and authenticated the realm is not removed.
Regards Allister Maguire RADIUSD.CONF: Made change to modules ldap{} and pam{}, rest is default. authorize { preprocess # counter # attr_filter # eap suffix files ldap # mschap } authenticate { pam # unix # ldap # mschap # eap } PROXY.CONF: As default, but these changes: realm XXX.XXX.XX { type = radius authhost = LOCAL accthost = LOCAL } # # This realm is for requests which don't have an explicit realm # prefix or suffix. User names like "bob" will match this one. # realm NULL { type = radius authhost = LOCAL accthost = LOCAL } DEBUG: rad_recv: Access-Request packet from host 127.0.0.1:32853, id=22, length=68 Thread 3 assigned request 2 --- Walking the entire request list --- Cleaning up request 1 ID 18 with timestamp 3cf6b8b2 Nothing to do. Sleeping until we see a request. Thread 3 handling request 2, (1 handled so far) User-Name = "[EMAIL PROTECTED]" User-Password = "@\022kJ\363\rY\267\346\313\214"(\245\306\200" NAS-IP-Address = 255.255.255.255 NAS-Port-Id = "1" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "suffix" returns ok users: Matched DEFAULT at 1 modcall[authorize]: module "files" returns ok rlm_ldap: - authorize rlm_ldap: performing user authorization for ssaint radius_xlat: '([EMAIL PROTECTED])' radius_xlat: 'ou=People,ou=XXX,ou=XXX,dc=XXX,dc=XXX,dc=XX' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=People,ou=XXX,ou=XXX,dc=XXX,dc=XXX,dc=XX, with filter ([EMAIL PROTECTED]) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound modcall: group authorize returns ok rad_check_password: Found Auth-Type Pam auth: type "Pam" modcall: entering group authenticate pam_pass: using pamauth string <radiusd> for pam.conf lookup pam_pass: authentication succeeded for <ssaint> modcall[authenticate]: module "pam" returns ok modcall: group authenticate returns ok Sending Access-Accept of id 22 to 127.0.0.1:32853 Service-Type = Framed-User Framed-Protocol = PPP Framed-Netmask = 255.255.255.255 Framed-Routing = None Framed-Compression = Van-Jacobson-TCP-IP Ascend-Assign-IP-Pool = 6 Ascend-Maximum-Channels = 1 Finished request 2 Going to the next request Thread 3 waiting to be assigned a request - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html