Wrong Password or User does not exist
malizadeh at ce.sharif.edu
Sun Jan 27 20:22:35 CET 2013
Thanks for reply. I am creating a general component and I have tendency
to not change radius server configuration (otherwise, all the users
using my component should set these configurations in their radius
server). Is it possible that we check whether a user with the entered
username exist in the radius server or not by sending a query to the
radius server? I solved this problem in Active Directory by sending ldap
query to the server. In this solution, if the authentication request is
rejected, I will send a query to the server and I will check whether
this user is defined in the active directory or not. If the user exists
in the active directory, I conclude that password is wrong. Otherwise,
the entered username is wrong. Is this solution applicable to the Radius
Server (Radius server supports such query or something like that?) ?
On 1/27/2013 5:42 PM, Alan DeKok wrote:
> malizadeh wrote:
>> I installed a FreeRADIUS and I want to authenticate users by using this
>> server. However, when a request is rejected there is ambiguity:
>> 1. Username exist but password is wrong
>> 2. This username does not exist in the server
>> I need to know which condition is true when an authentication request is
>> evaluated. Any help?
> You need to write a policy which checks for that, and creates a
> different log message for each situation.
> This means understanding your configuration. You need to understand
> what happens when a user doesn't exist. And what happens when a user
> exists, but has a wrong password.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel