Mitchell, Michael" <[EMAIL PROTECTED]> wrote: > Is there a way to get the radius server (freeradius 1.0.0) to process > the post-auth section after an authorization failure?
No. If the authenticate section returns "reject", then the "reject" sub-section of "post-auth" is used. > eg when my rlm_ldap module returns USERLOCK (due to account status being > non-active), a reject message is returned (as expected), however the > post-auth section of radiusd.conf is skipped. You can use doc/configurable_failover to re-write the "userlock" to "reject", in which case it should work. Aaln DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
