Cannot get the return code of rlm_krb5

[LAUDREN Olivier]

Thank you Arran,

Using the Module-Failure-Message in "post-auth" section works!

-----Original Message-----
Sent: 30 March 2017 17:30
> 
> Thanks.
> Actually, the return code will not be enough; I need to get the KRB5_REALM_UNKNOWN and KRB5_KDC_UNREACH codes from Kerberos which are going to "default:" in the switch condition of rlm_krb5.c, indeed.
> I guess the only way would to be compile a custom rlm_krb5 version, am I right?

But, but, but... If you use custom code RedHat won't love you anymore....

> Or maybe there is special attribute I can read to get the exact code?
> Thank you in advance

If they appear in error messages (the big red ones), you may find they're contained in the latest instance of request:Module-Failure-Message.

-Arran


Arran Cudbard-Bell
FreeRADIUS Core Developer

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2



Ce message contient des informations confidentielles à l'intention exclusive du destinataire. Il ne peut être utilisé, divulgué ou copié de quelconque façon que ce soit par une personne autre que le destinataire désigné. Si vous n'êtes pas le destinataire désigné, merci de contacter l'expéditeur et d'effacer ce message. L'expéditeur de ce message n'est pas mandaté à représenter le Parlement européen. Dès lors, ce message ne constitue pas nécessairement le point de vue officiel du Parlement européen, ni un engagement juridique opposable à ce dernier.
This message contains confidential information intended solely for the attention of the named addressee. It may not be used, disclosed or copied in any way whatsoever by anyone else than the intended addressee. If you are not the intended addressee, please contact the sender and delete this message. The sender of this message is not authorized to represent the European Parliament and therefore this message does not necessarily reflect the official position of the European Parliament and is not legally binding upon it.