Not responding when a user is unknown

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Jul 10 16:15:32 CEST 2012


On 10 Jul 2012, at 14:56, perl-list wrote:

> We have a couple customers whose FreeRADIUS servers do not respond if a user does not exist on their FreeRADIUS system.  If a user authenticates using username: idontexist and password: notarealpass the FreeRADIUS server does NOT send an access denied response, and indeed sends no response at all.  I vaguely remember that this may have been an available setting on FreeRADIUS, but can find no information about it on the internet.  I have been unable to recreate this problem in our lab and the customers who administer these servers seem to be unable to find any explanation.
> 
> Please note I have no access to the servers that this happens on.  The servers are owned by customers of ours.
> 
> So basically, is there a setting that causes the FreeRADIUS server to not respond to Access-Request packets if the username contained there-in is not found in whatever database it is using?

No, but there is a policy, see raddb/policy.conf.

If you call the 'do_not_respond' policy the server won't respond… Calling or returning handled would probably have the same effect depending on the section…

Without debug logs there's not much else to suggest.

Seeing as you're a business, commercial support is available if you're desperate and can't get this figured out - http://freeradius.org/business/

-Arran




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120710/e9a349a0/attachment.html>


More information about the Freeradius-Users mailing list