Nathan Miller <[EMAIL PROTECTED]> wrote: > Item #2. This has got to be just a config issue on my part. Radius is > configured to proxy first, then check the users file second. The key line > in my users file is as follows: > DEFAULT Auth-Type := Accept > Exec-Program-Wait = "/etc/raddb/test.sh", > Fall-Through = Yes > > Freeradius is properly sending the proxy request to the remote server, but > it seems IF the remote server gives the Login OK, THEN freeradius proceeds > to run my script as well and if it does not exit code 0 it will deny the > user even though the remote radius server OK'd the user. Is there a quick > modification I need to do in my users file to omit this step? If the > remote radius servers says OK, I just want the user authenticated.
Then have your script return 0. The fact that the remote server said to authenticate the user does NOT mean you are forced to authenticate the user. FreeRADIUS allows you to do most anything you want that way. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
