On Tue, 8 Mar 2011, Phil Mayers wrote: > On 03/08/2011 03:58 PM, Kenneth Marshall wrote: > > On Tue, Mar 08, 2011 at 04:44:53PM +0100, Kolbj??rn Barmen wrote: > > > > > > Is it possible to use the linelog to provide a "debug light" for > > > rlm_eap and submodules? What I'm looking for is some way to tell why > > > an authentication has failed for a given login attempt, without > > > resorting to full debugging. If it is possible, example > > > configuration is most welcome. > > > > > > Thanks! > > > > > > -- > > > Kolbjørn Barmen > > > UNINETT Driftsenter > > > > You can use raddebug to enable debugging for just the problem > > user. That is usually much easier than trying to instrument the > > radius process piecemeal. > > But not much use if you're asked about it hours later...
Exactly. What I meant to ask for, is some way of having more usefull information from failed logins. Today we're using ldap backend, and the only error message that comes in the log is "rlm_ldap: User not found", regardless of what the real cause is. Typically the only way I have found today is to run debugging and read through the entire session to see what the output from the various rlm_eap_*-modules is. Would be excellent if one could use linelog to create a log of how the eap-negotiation progresses for every login. Thanks again. -- Kolbjørn Barmen UNINETT Driftsenter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
