I've uncommented the unix line in authenticate and left the /etc/shadow, /etc/group, /etc/password files commented out of the unix module definition part: unix { cache = no cache_reload = 600 #passwd = /etc/passwd #shadow = /etc/shadow #group = /etc/group radwtmp = ${logdir}/radwtmp } but am still getting the following in my log: Auth: rlm_unix: [baduser]: invalid password Debug: modsingle[authenticate]: returned from unix (rlm_unix) for request 0 Debug: modcall[authenticate]: module "unix" returns reject for request 0 I am 100% positive I'm putting the password in correctly. The user "baduser" has a shell of /sbin/nologin. Would that account for any of this? Thanks Matt mda@unb.ca -----Original Message----- From: Alan DeKok [mailto:aland@deployingradius.com] Sent: March 2, 2007 4:47 AM To: mda@unb.ca; FreeRadius users mailing list Subject: Re: guest acces? Matt Ashfield wrote:
Now I know Alan does not recommend DEFAULT Auth-Type, but for here, I think it might be necessary. So in my users file, I added the following:
DEFAULT Auth-Type := System Fall-Through = Yes
Don't use ":=", use "=".
Thinking that would allow my users who have accounts on the server to login. However, that is not working because in the logs in debug mode I see:
Debug: modcall: group authorize returns ok for request 0 Debug: rad_check_password: Found Auth-Type System Debug: auth: type "System" Debug: ERROR: Unknown value specified for Auth-Type. Cannot perform requested action. Debug: auth: Failed to validate the user.
You deleted the "unix" entry from the "authenticate" section. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog