On Feb 11, 2019, at 10:23 AM, Bipin Patel via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
i have the below in authorize
sql { notfound = 1 reject = 2 }
...
but the reject response is never generated from the sql module,
Because the SQL module does not authenticate a user. SQL is a database. FreeRADIUS just looks the user up in the database. The answer is either "yes, the user is there" or "no such user in the database".
if the username doesnt match it generates the notfound and if password doesnt match the pap module rejects the request and sql responds ok but what i want is the sql module to generate the reject response.
Why? This is the typical issue of you have a solution in mind, and you're wondering how to implement it. And, why the server doesn't behave the way you expect. You should instead discuss the *problem* you're having. Why is it important for "sql" to reject the user, instead of "pap" ?
can anyone guide me under what circumstances does the sql module generate a reject response coz i tried setting Auth-Type attribute to reject but still sql doesnt generate reject
The SQL module never rejects a user. You might have 4 different databases for users. It is *wrong* for the SQL module to reject a user. Alan DeKok.