Trigger EDIR-Intruder Lockout in FR3

Anja Ruckdaeschel Anja.Ruckdaeschel at
Tue Sep 8 10:09:38 CEST 2015

Hi there,

I wonder what is the designated way in FR 3.0.9 to trigger an eDirectory-Intruder Lockout
with edir_autz=yes in addition?

I want to use 
a, universal password retrieval
b, grace login consumation, account expire check, password expire check, login time restrictions check, attribute checks, etc.
c, intruder lockout trigger (I do a named ldap bind with the login-user with a password which is bad, if mschap rejects)

in one radius config for PEAP/MSCHAPv2 with eDIR.

So far, I only manage to get a and b OR a and c running.

Perhaps you can give me a hint?

Thank you for your time.

Ciao Anja

More information about the Freeradius-Users mailing list