So.... Still not sure what file is tweaking this. I ended up copying the entire /raddb dir from ServerB to ServerA to get the same exact behavior. Prior to that I tried. Replicating (copying the file via ftp): radiusd.conf, users, default, inner-tunnel, radiusd, ... maybe more. I also manually diff'd: chap, mschap, pap, hints, huntgroups, ...maybe more.... Is there additional radiusd args I can use to see what module/file/etc is executing the conditional processing? ... [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop # Begin output of goofy processing ++? if (!control:Auth-Type) ? Evaluating !(control:Auth-Type) -> FALSE ++? if (!control:Auth-Type) -> FALSE # End output of goofy processing Found Auth-Type = MSCHAP +- entering group MS-CHAP {...} ... I'll be more than happy to sanitize numerous pages of radiusd -X output from both servers, but I captured and diff'd those and accounted for all diffs from the startup process. As noted, I also replicated the most common conf files that I probably tweaked. Weird... Thanks! Gary -----Original Message----- From: Gary Gatten Sent: Saturday, March 05, 2011 9:17 AM To: 'freeradius-users@lists.freeradius.org' Subject: Re: Hopefully quick question: conditional processing sneaking in and setting Auth-Type Yeah, when I wrote the email I figured I'd get at least one reply like that. I was hoping the position/sequence of the event would be enough to point me in he right direction. I'll capture the startups and auth requests / replies from both servers. In the mean time I'm thinking the mschap module on the failing server isn't quite right. Both have changes that are commented out, but who knows, maybe I missed something. I think it (failing) might be a slightly older version than the other as well. ----- Original Message ----- From: Alan DeKok [mailto:aland@deployingradius.com] Sent: Saturday, March 05, 2011 12:38 AM To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: Re: Hopefully quick question: conditional processing sneaking in and setting Auth-Type Gary Gatten wrote:
I can't find where this conditional processing is happing. I have two FR servers with "nearly" the same config. Auth works on one, but not the other:
Posting 2-3 lines of debug output doesn't help. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <font size="1"> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'> </div> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." </font>