> Again, I don't understand why you have it set up to do PAM > authentication, in addition to EAP. It should do one OR the other.
Actually, I'm planning to do this myself... The EAP client (Aironet, BPS2K, etc.) authenticates to FreeRADIUS, but FreeRADIUS itself needs authoritative information somewhere, hence PAM. I, for example, wish to authenticate users against a Kerberos server, so my unix machines use PAM and pam_krb5.so. So with FreeRADIUS, I should (hopefully) be able to use the Kerberos server (via PAM) to *authenticate* users, but use the raddb/users database to *authorize* users (EAP attributes). --J - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
