It seems (after looking in to it for a few days) that the Merit version
of Radius, when using the Unix-PW authentication type, is checking for a
valid shell for the user (checking against /etc/shells). Problem
is....I don't want it to do this! Our SLIP/PPP accounts (at this point)
have userid's that match the pattern s-???? (with the ?'s being numbers)
with the login shell being /usr/lib/ppp/Login. We don't want to put
/usr/lib/ppp/Login in /etc/shells (for obvious reasons), but we do need
Radius to go ahead and authenticate these users. Right now, its giving
a message (from our PM-25) of Authentication failed.
What I've tried so far:
inserting a "return EV_ACK" right before the code in authenticate.c that
checks against /etc/shells for a valid login shell (around line 765).
No change in behavior.
What am I missing? If this should work, I might possibly have something
else causing the authentication failure, but I'm not sure what else it
would be. Any ideas? Bueller....Bueller.....Bueller.....
Jeff McAdams | "A strange game.
IgLou Internet Services | The only winning move is not to play."
e-mail: jeffm@iglou.com | -- Joshua