Hi, as every year, I'm unleashing the most current version of FreeRADIUS on my unsuspecting students, to see if they find their way around. This year it was 3.0.0 (yesterday, nice timing!) and there was one unfortunate thing. 3.0.0 by default enables "files" for flatfile username and password storage, which is good. In mods-config/files/authorize, the first "normal" entry (not Reject, proper cleartext-password, not a DEFAULT entry, only a single harmless reply item) is the example of "John Doe". In 2.x.x, I used to tell folks that the John Doe entry is the example to uncomment and test auth against. With the shipped default config of 3.0.0 though, John Doe will be rejected even if his password is correct - the "filter_username" will block the user before he even gets to password checking. IMHO, the mods-config/files/authorize should either a) contain a "normal" user higher up, so that it springs to mind as "the thing to do". E.g. a johndoe instead of/before a "John Doe" b) the comments before "John Doe" should explain that for this example to work, filter_username needs to be disabled. Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66