Users file formatting

Jonathan Gazeley Jonathan.Gazeley at
Wed Feb 18 13:53:34 CET 2015

Hi list,

This is hopefully a simple question. I've been using a simple users file 
to authenticate a handful of users that don't exist in AD with entries 
like this, which works:

test-account1        Cleartext-Password := "password", 
MS-CHAP-Use-NTLM-Auth := no

I also want to have a couple of test accounts that are restricted to MAC 

test-account2           Cleartext-Password := 'password', 
Calling-Station-Id == "00:11:22:33:44:55", MS-CHAP-Use-NTLM-Auth := no

However radius -XC bombs out with "Unexpected trailing comma in check 
item list for entry test-account2"

According to the manpage for the users file, I've formatted it correctly 
with commas between each check-item. I wondered if MS-CHAP-Use-NTLM-Auth 
was a reply-item so I tried to move it onto its own line with a tab, but 
this throws "Parse error (reply) for entry test-account2 (unknown error)"

Can anyone advise on how to format users entries like this, and even if 
it is possible to require specific mac addresses in this way?


More information about the Freeradius-Users mailing list