Ivan Kalik escribió:
If I don't put Cleartext-Password := "" field (""!!!), the user always be rejected. Can anybody to explain this? I haven't tried with some password, because results me ridiculous, I haven't configure any password for clients...
Let's put that to the test. Put the username that you want to test on the very first line of users file. Just username, nothing else as check or reply and a blank row after. And post the debug of that user being rejected.
You are saying that you have to have some kind of password or something else configured for the user. I'm telling you that you don't: just usernames separated by blank rows. Totally trivial entries that only prevent users file being read down to the Auth-Type Reject line.
Ivan Kalik Kalik Informatika ISP
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
__________ Información de NOD32, revisión 3257 (20080710) __________
Este mensaje ha sido analizado con NOD32 antivirus system http://www.nod32.com
The situation that you exposed logically works. But I can't authorize all users in spite of having a valid certificate, because the public PKI..... Then, users file: ...... "user1" ........ "user2" ........ DEFAULT Auth-Type := Reject ........ works, but if I put "userX" into another file and make an include, don't. In this situation, If I append an empty cleartext-password, works, with fall-through = no (I haven't tried with fall-through = yes because isn't logic) On the other side, I put Fall-Through attribute to tell radius that should stop when a user matches users file, but looks isn't necessary. I'm confused....