Removing Reply-Message on failed authentication, was Re: NLTM_AUTH(PAP) and MS-CHAP2 together?
tnt at kalik.net
tnt at kalik.net
Tue Mar 10 17:39:02 CET 2009
>I'm just getting back to this problem. I'm lost as to how to implement
>either of these solutions. To summarise, I want to either remove, or just
>not send, any Reply-Message when the user fails authentication. Where
>would I put this attr_filter to delete it, and what does the attr_filer
>look like? I imagine this is documented, but I can't find the relevant
>bits.
>
>> Use attr_filter to delete it.
>>
You don't have to put it - it's already there in Post-Auth-Type REJECT.
Just remove Reply-Message from attrs.access_reject file.
>> Or, update the rules to add the Reply-Message in the "post-auth" section.
Use unlang in Post-Auth-Type REJECT.
update reply {
Reply-Message := whatever
}
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list