Hi, > DEFAULT LDAP-Group == "CiscoRWL2Lr", Auth-Type := Accept > Reply-Message = "Welcome! You have administrative access.", > Service-Type = NAS-Prompt-User, > cisco-avpair = "shell:priv-lvl=15"
as already said, you've configured your RADIUS server to accept ANYONE who is in the CiscoRW2Lr group - even if their password is 100% wrong. Auth-Type := Accept opens your box to basically not caring about authentication.... only authorization. remove the auth-type and ensure your authentication is working - which will need some work for AD alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
