Auth-Type in authorize users' file

Angel L. Mateo amateo at um.es
Thu Feb 26 08:10:35 CET 2015


El 25/02/15 a las 15:42, Alan DeKok escribió:
> On Feb 25, 2015, at 3:13 AM, Angel L. Mateo <amateo at um.es> wrote:
>> 	Meanwhile, I've been looking for information. According to http://deployingradius.com/documents/configuration/auth_type.html (Common misuses section), Auth-Type main use is to force the user to be accepted or rejected, but Auth-Type should not be used. In the doc modules/ldap_howto.rst.gz doesn't use this too.
>
>    It *recommends* to not force Auth-Type.  Because forcing it is almost always wrong.
>
>> 	According to this, I'm trying to remove the Auth-Type = LDAP on the users' file. But now the user is rejected and freeradius debug shows:
>>
>> (0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
>>
>> 	So, what is the correct way to configure?
>
>    For you, set Auth-Type to LDAP.
>
>    If it works… do it.  Otherwise, don’t.  The recommendation comes because some people are dead set on using it.  Then, they complain that “it doesn’t work”.  Sometimes it’s easier to just say “don’t do that”, instead of giving explanations those people don’t read.
>
	Ok. Thank you very much.

-- 
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868887590
Fax: 868888337


More information about the Freeradius-Users mailing list