Hi All, I have requirements that I prevent users with a shell of /dev/null from authenticating against freeradius server. Using the rpm provided with RHEL4.0: radiusd: FreeRADIUS Version 1.0.1 I am using the unix module and pam. /dev/null is not listed as a valid shell in /etc/shells, and accounts with /dev/null are currently able to log in (via the DEFAULT entry in the users file). /etc/passwd is not used and accounts are stored on a ldap server. users: DEFAULT Auth-Type = PAM Service-Type = Framed-User, Framed-Protocol = PPP, Ascend-Idle-Limit = 1200, Ascend-Maximum-Time = 15800 radiusd.conf: pam { pam_auth = radiusd } /etc/pam.d/radiusd: auth required pam_stack.so service=system-auth auth required pam_nologin.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service=system-auth /etc/shells: /bin/sh /bin/bash /sbin/nologin /bin/ash /bin/bsh /bin/ksh /usr/bin/ksh /usr/bin/pdksh /bin/tcsh /bin/csh /bin/zsh Any ideas around this? Thanks