Thanks Alan, here's where I've ended up so far...
Fri Mar 13 09:57:22 2009 : Error: rlm_ldap: (re)connection attempt failed Fri Mar 13 09:57:22 2009 : Info: [ldap] search failed Fri Mar 13 09:57:22 2009 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Fri Mar 13 09:57:22 2009 : Info: +++[ldap] returns fail Fri Mar 13 09:57:22 2009 : Info: +++- entering group {...} Fri Mar 13 09:57:22 2009 : Info: ++++[control] returns fail Fri Mar 13 09:57:22 2009 : Info: ++++[ok] returns ok Fri Mar 13 09:57:22 2009 : Info: +++- group returns ok
That sets Do-Not-Respond ...
Fri Mar 13 09:57:22 2009 : Info: ++- policy redundant returns ok Fri Mar 13 09:57:22 2009 : Info: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
.. but that puts it to Access-Reject.
From this code...
authorize { preprocess auth_log chap mschap files redundant { ldap group { update control { Response-Packet-Type = Do-Not-Respond
Try changing that to Tmp-String-0 := "silent"
} ok } } }
And than add to Post-Auth-Type REJECT: if(control:Tmp-String-0 == "silent") { update control { Response-Packet-Type := 256 } } Ivan Kalik Kalik Informatika ISP