On Apr 8, 2019, at 8:20 AM, nikolaos.hatzepanagiotides@iese.fraunhofer.de wrote:
Hello, dear community! I am struggeling on prevent freeradius to send a access-reject if the user does not exist in the LDAP-Database.
I did already query if user exist or not and send reply-message “uid not found” but instead I want to send absolutely nothing. But I get Access-Reject because ldap can’t find the uid and set Auth-Type to nothing, so freeradius say “ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject”
That's the default.
Is there any way to tell freeradius to send no reject if user not found? Only if authentication fail because of invalid password, not non-existing username?
That is a very bad idea. If the NAS sends packets to the server, and the server doesn't respond, then the NAS thinks that the server is dead. Don't do this. Or, explain *why* you need to do this, and *why* you think it will work. Alan DeKok.