Authorize section not getting called
Alan DeKok
aland at deployingradius.com
Fri Feb 2 16:50:49 CET 2018
On Feb 2, 2018, at 10:37 AM, Michael Sartain <mikesart at fastmail.com> wrote:
> Ok, figured it out. Synology has customized their version of radius.
>
> https://sourceforge.net/projects/dsgpl/files/Packages/DSM%205.2%20Package%20Release/
:(
> rad_authenticate() in src/main/auth.c has an added call to CheckAuth(), which
> winds up doing this:
>
> // local only, ad only, ldap only, "ad + local" ad part
> if (0 > SYNOUserGet(szFullNameUser, ppUser)) {
> radlog(L_ERR, "Login incorrect: Incorrect user name (input name [%s], full name [%s])", szUserName, szFullNameUser);
> goto End;
> }
>
> I'm no expert on freeradius, but I'm pretty sure this could have been handled
> in a more standardized / transparent way. Oh, well.
Yup.
I've seen some horribly butchered versions of the server. And had to explain too many times that the added functionality already existed in the default distribution.
Alan DeKok.
More information about the Freeradius-Users
mailing list