More information in the post auth?
Alan DeKok
aland at nitros9.org
Thu Jun 8 01:40:58 CEST 2006
Troy Settle <troy at psknet.com> wrote:
> What variables are available that will tell me which check item failed
> and why?
Debugging mode, and often not even that. What you're asking for is
logging of *every* decision in the server, which is difficult &
expensive.
> For example, if it's the password, how about access to the
> attempted password? "Chap-Password" doesn't cut it when dealing with
> most of our customers. We need to be able to see that the password
> field is blank because Windows XP decided to unsave it, or that they
> need to spell Jesus with a 'u' and not an 'a.'
If the server prints CHAP-Password in a failure message, it's
because the request has a CHAP password. That means there's NO WAY to
know what the user entered, other than it didn't match the stored
password.
Alan DeKok.
More information about the Freeradius-Users
mailing list