module-failure-message in exec module
Phil Mayers
p.mayers at imperial.ac.uk
Fri Jun 7 15:38:42 CEST 2013
On 07/06/13 14:05, stefan.paetow at diamond.ac.uk wrote:
> Andy,
>
> You may want to try and set it in inner-tunnel's post-auth section:
>
> if (Module-Failure-Message) {
> update outer.reply {
> Module-Failure-Message := "%{Module-Failure-Message}"
> }
> }
>
> That way the response is copied to the outer reply.
Doesn't work. Inner tunnel reject is turned into outer tunnel
access-challenge for PEAP, so post-auth isn't run, and by the time
post-auth does run, the attribute is forgotten.
Better to just upgrade to 2.2.x with the inner-tunnel post-auth patch
applied.
More information about the Freeradius-Users
mailing list