J S wrote:
>  I'm running pam_radius 1.3.16 on Solaris 10 using a Cisco ACS backend
> that authenticates to an MS AD server.
> I'm running into an issue where a user will fail a single login attempt
> (one username/password challenge with a bad password) and the ACS will
> record 3 attempts from the client (the Solaris 10 server). after a
> single attempt (or a valid login with a local password) the 3 fails
> bollixes up the AD login attempts and locks the user out. Am I missing a
> compile option to only attempt a single RADIUS login per authentication
> or do I possible have pam.conf misconfigured. I use sshd-kbdint and
> sshd-password with the same results. Otherwise the system works well.

  The module will re-send the request if it doesn't get a response from
the RADIUS server.  Or, if the response is sent from the wrong IP (i.e.
the RADIUS server has multiple IP's).  Or, if the shared secret is

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to