回复：

Thu Sep 2 06:46:18 CEST 2010

--- 10年9月2日，周四, John <elmer_radius at yahoo.com.cn> 写道：

发件人: John <elmer_radius at yahoo.com.cn>
主题: 
收件人: freeradius-users at lists.freeradius.org
日期: 2010年9月2日,周四,下午12:45

Hi all,  We upgrade freeradius from 1.1.6 to 2.1.18 recently.  Looks 2.1.8 will reply a Access-Reject when [ldap] return fail, but 1.1.6 is just keep silence.  Is there a way to let 2.1.8 reply nothing in the case?

Listening on authentication address * port 1812
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 10.155.20.85 port 32770, id=182, length=130
        Service-Type = Authorize-Only
        NAS-Port-Type = Wireless-802.11
        User-Name = "test2008"
        MS-CHAP-Challenge = 0x766bb4f5ae93e28b4630b8fbc674e137
        MS-CHAP2-Response = 0x3700e851effcf3aa3f7731204ca90dcbd98300000000000000006c9248ca4d87e72d0b4a91dbd2672bb1f8f5b725187953ff
        NAS-IP-Address = 10.155.20.85
+- entering group authorize {...}
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[ldap] performing user authorization for test2008
[ldap]  expand: (sAMAccountName=%{mschap:User-Name}) -> (sAMAccountName=test2008)
[ldap]  expand: OU=Domain Controllers,dc=aero-hz,dc=cn -> OU=Domain Controllers,dc=aerohive-hz,dc=cn
  [ldap] ldap_get_conn: Checking Id: 0
  [ldap] ldap_get_conn: Got Id: 0
  [ldap] attempting LDAP reconnection
  [ldap] (re)connect to 10.155.3.2:389, authentication 0
  [ldap] bind as hhe at aero-hz.cn/w200h to 10.155.3.2:389
  [ldap] hhe at aero-hz.cn bind to 10.155.3.2:389 failed: Can't contact LDAP server
  [ldap] (re)connection attempt failed
[ldap] search failed
  [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns fail
Sending Access-Reject of id 182 to 10.155.20.85 port 32770
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 182 with timestamp +10
Ready to process requests.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100902/00bf7dec/attachment.html>